Yes, some bots use "real" names, or names that are used by real people. That's why we suggest
never matching on a name alone- it's just way too error-prone to be reliable.
We suggest testing the email and/or IP address. If either or both of those are found in the database then it's very very likely that it's a bot. See this discussion here:
http://botscout.com/api_queries.htmThis is an excerpt:
"
The "NAME" QueryThe NAME query takes a given user name and looks for matches in the BotScout database, searching only in the NAME field. By itself, the NAME query is much less reliable than an IP or MAIL query and should not be relied upon for bot screening. It should be used ONLY as a secondary indicator, and even that is of dubious value. Name collisions are not uncommon since bots use nonsense names as well as "real" names when they run.
The NAME query by itself is next to useless; if used it should always be coupled with a MAIL or IP query for reliability. The false positive rate of using the NAME query alone is abysmally high. "
I was alerted to this by a friend and believe it's something we need to do something about (whitelisting them is all I can think of, but it's gonna be a PITA to do that).
It basically concerns bots blacklisted with "real" names, for example, the one I was notified of, is listed in the BS and SFS database with the username "Martin", which is a real human name that someone legit is very likely to use.
Any thoughts?