Tangencially related to some of the comments in this thread.
Amahi (my startup) started experiencing lots of spamming accounts a little while ago. We started using blacklists and some heuristics to detect the spammers. Then we logged the attempts.
Some interesting things emerge.
* The vast majority of them have "super123" as the password
* The vast majority use emails from china (163.com, qq.com, etc.)
* They try twice in a row if the first attempt fails
* They try regularly
The suspicion is that they then sell these accounts in bulk for later action. We have seen them have these accounts sitting idle, with occasional logins to check if they still work. Then later they pounce, posting spam links, etc.
The level of sophistication of all this is rather troublesome ...
Amahi (my startup) started experiencing lots of spamming accounts a little while ago. We started using blacklists and some heuristics to detect the spammers. Then we logged the attempts.
Some interesting things emerge.
* The vast majority of them have "super123" as the password * The vast majority use emails from china (163.com, qq.com, etc.) * They try twice in a row if the first attempt fails * They try regularly
The suspicion is that they then sell these accounts in bulk for later action. We have seen them have these accounts sitting idle, with occasional logins to check if they still work. Then later they pounce, posting spam links, etc.
The level of sophistication of all this is rather troublesome ...