Scam acc. mass-mentioning users (again)

[YoshiRulz]

Select Topic Area

Bug

Body

The repo in question: https://github.com/ToothWandModulator/SolanaGrants-6059162/discussions
I can't report the discussion I was pinged in, because the button does not exist.

I was, however, able to report the repo.

But I have to ask: How is this still a problem? Why wasn't it automatically flagged for moderation and the pings suppressed?

I don't need a million-dollar AI overseer to tell you that this is suspicious activity, it's simple heuristics.

• Joined GitHub this month
• Opened a dozen discussions within minutes of each other
• Pinged 50 people in a single message
• ...none of whom had interacted with the repo before

Inexcusable.

[notcoderhuman]

This is the ongoing “Solana Grants / Gitcoin-style” mass-mention phishing scam that has been hitting GitHub hard again.

The account ToothWandModulator (created March 8, 2026 — literally 8 days old) is following the exact playbook:

• Creates a throwaway repo like SolanaGrants-6059162
• Posts a discussion with “your grant” bait
• Mass-@mentions 50+ completely unrelated users in one go (none of whom ever interacted with the repo)
• Triggers GitHub notification emails so people see it in their inbox

This is pure spam + phishing. They’re hoping someone clicks a link and connects a wallet or falls for a fake grant payout. The heuristics you listed are 100% correct and textbook spam:

• Joined this month
• Started 11 discussions in minutes
• Pinging dozens of random people with zero prior interaction

You did the right thing reporting the repo. The fact that the “Report discussion” button is missing is a known UI glitch on some discussion pages (especially when the repo is already under review).

Quick things you (and anyone pinged) can do right now:

• Block the account immediately — go to https://github.com/ToothWandModulator → … → Block user. This stops all future mentions and notifications from them.
• Report the account itself (not just the repo): on their profile → … → Report account → “Spam” or “Impersonation / Scam”.
• Ignore and never click any links from unsolicited GitHub pings about grants, airdrops, or rewards.

Why isn’t this being auto-flagged yet?

GitHub does have spam detection for new accounts + mass mentions + crypto keywords, but these scammers rotate accounts extremely fast and tweak the wording. The volume is massive (thousands of similar repos every week). GitHub has been suspending waves of them, but it’s an arms race.

Good news: when I just checked the discussion page it failed to load (“Uh oh! There was an error”), which usually means GitHub is already acting on reports and the content is being taken down.

Direct request to GitHub Staff / Moderation team (please escalate this):

• Suspend ToothWandModulator permanently and delete all their repos/discussions.
• The pattern is identical to the Gitcoin/Solana grant phishing campaigns that have been reported dozens of times.
• Auto-moderation needs to be stricter on accounts <30 days old that mass-mention >20 unrelated users in a single post.

To everyone reading this:

• Block any fresh account that suddenly @-mentions you about “your grant” or Solana rewards.
• Turn on stricter notification settings if you get a lot of spam.
• Report aggressively — every report helps the automated systems learn faster.

This should not still be happening in 2026. Thanks for calling it out, YoshiRulz — and thanks to everyone who’s already reported. GitHub team, let’s get these accounts wiped out quickly.

[RangHo]

posting ai slop answer to a post calling out mass-scam attempts powered by robots is crazy btw

[runiq]

Same for the user @ApprenticeBattle; reported them.

[itxashancode]

You're right - reporting the repository is the correct channel here. GitHub's automated spam detection does catch a lot, but it's not perfect, especially when spammers use new accounts and vary their patterns. The missing "Report discussion" button is a known UI limitation; discussions don't always have the same reporting flow as issues or comments. Your report of the repo should trigger a manual review by GitHub Support, and they can take action on all associated content, including the pings. I've seen this happen before - the system sometimes misses coordinated spam bursts like this, relying on user reports to catch what automation misses. The heuristics you listed are exactly what moderators look for.