Further to the recent SPAM incident, we have now implemented a number of measures to minimize the risk of similar incidents impacting the Nintex Community and its members. As a result, we have now enabled new user registrations.
Specifically, we've implemented the following measures:
- enforcing email validation of new user registrations
- implementing Captcha for new user registrations and each time another user is to be Private Messaged
- enabling Private Messaging Opt-In, where registered users can choose whether to enable the Private Messaging function on their account. If you Opt-In to Private Messaging, you can disable email notifications through the My Settings menu. Notifications will then only occur via the "bell" icon when you sign in to the Nintex Community.
- monitoring all new user registrations on a daily basis as a further safeguard against suspicious account registrations
______________________________________
On December 2, 2020 a number of Nintex Community members reported receiving emails as a result of private message notifications from another Nintex Community member. The content of the private message was SPAM and is against Nintex Community policy.
More information on what happened and what is being done is listed here:
What happened?
- A number of new user registrations occurred on the Nintex Community early on 12/2/20
- Following the registration process, those accounts then proceeded to private message other Nintex Community users with SPAM content
- Private message notifications from the Nintex Community were delivered via email from no-reply@nintex.com as per normal functionality and based on user settings for alerts
What steps have we taken?
- We have identified and removed all of the offending user accounts and their related messages
- We are reviewing all Community user registrations within the past 48 hours to ensure they are legitimate
- All new Nintex Community user registrations are currently suspended until we are able to build in and test specific additional safeguards for new user registrations
- We are working with our Community platform vendor, Khoros, to ensure their SPAM filter catches these types of private messages in the future as well as ensuring the registration process for new accounts prevents this type of activity in the future
- We will be implementing a revised registration process to ensure all new user registrations are better validated and work diligently to get it implemented as a top priority
