tonygiorgio 10 months ago

I got this on two org repo’s yesterday. About an hour after the email, I checked and it was gone. I wanted to report it, even though GitHub scam reports are so very unsatisfying (weeks go by, then random email about how they took some action).

One very simple measure I hope they implement is just not sending emails for unverified spam like this. I’d argue a majority of issues or comments do not need instant emails. Even one hour delay could help in combating abuse like this if they had any sort of reasonable moderation rules.

Reply View 3 replies
  • latexr 10 months ago

    > GitHub scam reports are so very unsatisfying (weeks go by, then random email about how they took some action).

    Either you’re unlucky or I’m lucky, I’ve reported scammers to GitHub multiple times and always got a response in a couple of hours.

    Reply View 2 replies
    • cwizou 10 months ago

      Same here, I get frequent spam on one specific (very popular) issue, and they always take care of it within an hour or two. I hide the spam myself to protect the users on the web (I can't do anything about the phishing emails though that gets sent [by default I think ?]), and their moderation wipe the spam account and sends a quick email to confirm.

      Usually it's a new user who clones a few repositories to pass whatever mitigation they have.

      Always get a "lots of reports, this may take a while" email first though. I don't think I ever not got that one.

      I think there's something to be said about sending - by default - user generated content by email automatically if you've replied once to a thread. Lots of bad defaults here imho.

      Reply View 0 replies
    • elashri 10 months ago

      I reported spam comment and they acted in less than an hour. I reported the exact spam comment by another user in the same day and they took 3 months to act. It is a very random process.

      Reply View 0 replies