Menu
Technically this might not be classed as a programming question, since I have already implemented a solution. But it's an interesting issue in the tech field nonetheless.
Anyway... I set up a basic contact form, without any spam protection. On discovering that it wasn't working, I ignored it and set up a Javascript to change all links pointing to the contact page to use mailto: links instead. (I intended to replace the form with an appropriate message about contacting me.) I discovered yesterday that the form is now suddenly working, because I'm getting spam from it. Here's an example:
Message received from contact form.
Name:
pvenvoqks
Email:[email protected]Message:
Mx7orZ iafgvohkzxmv, [url=http://wxmrsloamyhf.com/]wxmrsloamyhf[/url], [link=http://gloukuwmttnj.com/]gloukuwmttnj[/link], http://vmekxmqouktx.com/
It's obviously just gibberish. I checked the links and they don't work. It seems like there is a robot just submitting random data in forms - although note that it managed to pick up that an email should be submitted in the appropriate field.
My question is, is this spam trying to serve a purpose? I would understand if the links led to real websites for meds or malware or something, but they don't. It just seems totally random.
Aside: if anyone is interested, I used the "hidden field" solution to combat the spam. I used a hidden field called "Website", which, if filled in, does not send the email.
475
Spam emails are almost always commercial and driven by a financial motive. Spammers try to promote and sell questionable goods, make false claims and deceive recipients into believing something that's not true. The most popular spam subjects include the following: pharmaceuticals.
Spammers buy email addresses from special providers in bulk to add them to their mailing lists. If you've noted a sudden increase in the number of spam emails landing in your account, there's a high chance that your address was part of a list recently sold to one or more scammers.
Malware spam is exactly what it sounds like: spam that includes malware. It's usually delivered to your computer or mobile device via a spam text message or spam email. This type of spam can deliver almost any type of malware, from ransomware to trojans to spyware.
On an Android phone, you can disable all potential spam messages from Google's Messages app(Opens in a new window). Tap the three-dot icon in the upper right of the app and select Settings > Spam protection and turn on the Enable spam protection switch.
This is something I found on another site that seems to make sense:
"I could be wrong, but I think these are blackhat SEO spammers, looking for blog comment forms or Wikis. By using randomly generated unique "words", they can then do a Google search to find websites where their content has been posted unmoderated.
Then they can go back to these websites, identify if the links have been posted without the rel="nofollow" attribute (which would prevent them contributing to Google's algorithm), and if not they can post whatever spam links they like on those websites, in an effort to boost Google rankings for certain sites. Or worse, use it to post whatever content they want onto those websites (embedded malware?)
So I think this is less to do with mail server exploits and more web site exploits."
Source http://www.aota.net/forums/showthread.php?t=25205
167
A possibility is that this gibberish spam was sent to mislead spam filters and reduce their effectiveness. Some spam filters are designed to change their strategy and settings in response to the data they receive - what spam is caught by the filter, and what the user marks as spam. It's just meant to confuse things and add garbage data points - in essence, spamming the spam filter!
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
