How to Handle Suspicious Users in Online Communities

Zach H.

June 19, 2025

Reading time: 1 minute

How to Handle Suspicious Users in Online Communities

Question to the crowd ❔ When you see new members who join your open community who look like this, how do you react?

Note: I have INTENTIONALLY left this spammer’s email in here. Please do not reach out to them. I’m showing it here because it’s part of the identification process when looking at spammers.

This particular user didn’t start spamming until 3-4 AM in the morning here on EST time, so it’s nearly impossible for me to react in real-time. So I guess my question is which camp do you fall in and why:

When you see suspicious users, should you remove them immediately?
When you see suspicious users, do you give them the benefit of the doubt until something bad happens?

Could technology fix this in any way, or at least make it simpler?

23 comments

Andrew R.
·
·
automation, new user can only post or dm up to 4 times in day 1, after that they get restricted, until reviewed. 🙂
2
👀2
Andrew R.
·
·
RATELIMITS for the win!
1
Zach H.
·
·
Andrew R. thanks for the idea. It’s possible that we could rate limit their posts in public channels where Tightknit is activated, but we sadly would not be able to control their direct messages (DMs) as Slack doesn’t currently allow for those APIs.
Zach H.
·
·
my grammarly decided that no one knew DMs so wrote it out haha
🤐1
Andrew R.
·
·
lets assume you can programtically identify as spam, can you restrict them (from channel posts, replies, and DMs) in a way they are suspended and need manual review?
Zach H.
·
·
Not with most Slack plans that communities operate. I’ve had a longstanding ask to allow for organizations to ELIMINATE DMs between non-admins which would be such an amazing feature.
Andrew R.
·
·
but can you ( through api/automation) lock a user in jail, weather its lock them out of slack, make them global view only, or maybe even just deactivate them?
Zach H.
·
·
Not with the current APIs on a Free, Pro, or B+ plan. Would need Grid for that.
Andrew R.
·
·
so there is no way through any automation to do really anything to a user? you need to have a human on a keyboard go and do it?
Zach H.
·
·
Yes pretty much. We’re working on what we could do for public channels, but there’s little we could do for DMs. Also, moderation policies are a beast in themselves.
Andrew R.
·
·
can you create a browser rpa tool to go virtually load the slack ui, and then deactivate the user?
Andrew R.
·
·
buy enterprise+
Zach H.
·
·
can you create a browser rpa tool to go virtually load the slack ui, and then deactivate the user?
I’ve thought about this. We would need to make sure it abides by Slack’s ToS. So likely it could get you to the user, but it would still require an admin to click the button to deactivate them. And sadly I’ve never seen the unit economics work for $20+/user for a community. EG+ is out of the question
Andrew R.
·
·
look at a tool like https://www.leapwork.com/ you could then have it when a user is new and sus as spammy in a channel, (this would mean they may also be sus and spammy in DMs, then your api could call a tool like leapwork, and leabwork could be the “hands on keyboard” to actually go deactivate the user, then an admin in the morning could review and reactivate if desired.
Areej A.
·
·
I remove people instantly at WTS - everyone who joins agrees to abide by the code of conduct, I don't have a warning system, people are simply removed right away for breaking our code of conduct. I know that can be seen as 'harsh' but it's also the reason we've thrived for the past 6 years
1
Zach H.
·
·
Areej A., what do you have in the CoC that would allow me to remove this particular user before they’ve committed the “crime”? The language is interesting to me.
Areej A.
·
·
We have a No Promotions or Spam rule (rule 3) - here's the full CoC: https://www.womenintechseo.com/code-of-conduct/
Areej A.
·
·
Ah I see your question - I wouldn't remove them until after they commit the 'crime'
1
Zach H.
·
·
Thanks Areej A.. And I should have given the full context. I had written this to Stephen immediately after this user joined. One of my thoughts is giving people like 2 hours to update their name to something responsible, otherwise I deactivate their account. Where this gets difficult is we’d want some way for those folks to respond to us in a meaningful way. This would require more thought on the tech and process side if we were to do it. Asking all this because I’m sure I am not the only one who struggles with this!
Areej A.
·
·
How do people join in the first place? We have a form for folks to fill that asks different info - maybe gauging through that?
1
Zach H.
·
·
We’ve made it relatively low-lift. We want friction to eliminate some joiners, but since this is a community of product, a lot of joiners just want to see how Tightknit works. Making them give us too much info would feel like I’m data-collecting for a sale where we strongly believe in community-led growth
Areej A.
·
·
yeah that's really hard!
Matt J.
·
·
yeah my first question about an assumption you are making is how would I know that this user is suspicious? Maybe you know this because of the intimacy you have with the community etc but if this user joined Relume, I don't have enough information here to make any decision or take any action. I would have to wait for a negative action from this user and react to that. I do like Andrew's suggestions for then automating some of the monitoring of that behavior and taking action on my behalf, alerting me, and then letting me review said actions.