seems that the current spambots are using a very similar algo for all their bot-users.
one of the Facebook, Twitter, Skype, YouTube, Google+ fields is always username plus 2 capitol letters.
if there was some way of scripting in using the username as a substring mask for each of those fields then maybe you could ban the account straight away. I don't know how easy it is to do on phpbb though.