I had a forum that ran on phpbb that had these kind of problems, plus some hacking attempts.
Good things to do with phpbb to increase security:
- .htacess the admin directory
- Remove the version number from the skin
- .htaccess modcp.php
To decrease spam signups:
.htaccess profile.php (put a message telling what to enter) - this reduced spam sign ups by 99% in my case - eliminates any robotic spidering or activation of the join up bit e.g:
AuthName "To protect against automated bots, enter user:abc pass:123"
East Coast Interactive