Does Ghost have anything in place to handle junk accounts that get created? Each of these accounts are suspicious:
Since you have to click the confirmation link in the email, how exactly are these fake accounts doing that?
What makes you think these are fake accounts? Are you seeing spammy comments?
If you create an Outlook account, and the name is taken, a combination of name+digits is often suggested. Either way, the emails are validated by someone.
Becauseā¦
- Each email address contain a first and last name, which is not common.
- Each have not only just a number, but a number of the same length, similar to a zip code.
- Each use the outlook.com domain
The odds of each of these attributes combined is nearly impossible.
1 Like
Itās certainly possible that someoneās got some automation written to create accounts on outlook.com and to click links that arrive in email.
Itās less clear to me why someone would bother. What do they get? Scraping content? Hoping to leave comments with spammy links? Iām not sure! Is there any evidence of those accounts doing those things?
Butā¦ you could try turning on Cloudflareās bot protection. No idea whether youāll get useful detection or not, however!
1 Like
These Mails are in my opinion 100% fake. (Ok, comes from a fresh maded forum account 
)
Yess, names, same digits, location, date.
To use outlook.com for this is easy, but you need to change ip / device-id after few, or bots are recently āaiā-powered to solve the ms-captcha 
however, maybe you find here a better solution: Add Captcha to Subscriber Form - Ideas - Ghost Forum
Iām looking forward to this topic 
This has been going on for some time (see this thread: Fake sign ups from the sign up page ). I know the team have been trying to come up with solutions, but as far as I know, nothing has rolled out yet. (After a lull of a month or so, Iām once again getting a couple of these every day.)
Why canāt the solution be as simple as purging all accounts, after X number of days, that have not clicked the confirmation link proving they are human?
An account isnāt created unless the sign-up is completed by clicking on the confirmation link.
So how is this happening? Some dude in his motherās basement is creating numerous email accounts on outlook.com, then using those new users to register on my website, and finally clicking on the confirmation link that is emailed to those spam accounts? If this is the case, does anyone have any idea what the spammer gets out of this process?
Also, maybe the Ghost dashboard needs a way to delete multiple accounts at once. I searched for outlook.com, saw 20+ bogus accounts, but have no way to delete them other than going into the member details, one at a time.
I now regret adding my website to the āExploreā directory on the ghost website, as this is likely how the spammer found me.
Unless they were to post spammy comments, I donāt see that thereās much of an issue. If that happens, deal with it then.
Itās not a good idea to ignore the spam accounts, because having them will screw up the accuracy of the email newsletter statistics. These accounts are bogus, but still legitimate, in that they can receive the emails my server sends out. Right?
If youāre convinced that they are spam, then delete them. Unless I had a compelling reason not to, I would leave them, as I have numerous users who set up Gmail, Outlook, etc., email accounts, often using the format āfirstnamelastname12345@,ā to gain access to free content.
They are harmless too, and if one were to start spamming my comments, I would take action.