Login/Register
Receiving some nonsensical spam - what is its purpose? [closed]
Asked Answered
Solved formsspamspam-prevention
P

3

5

Technically this might not be classed as a programming question, since I have already implemented a solution. But it's an interesting issue in the tech field nonetheless.

Anyway... I set up a basic contact form, without any spam protection. On discovering that it wasn't working, I ignored it and set up a Javascript to change all links pointing to the contact page to use mailto: links instead. (I intended to replace the form with an appropriate message about contacting me.) I discovered yesterday that the form is now suddenly working, because I'm getting spam from it. Here's an example:

Message received from contact form.

Name: pvenvoqks
Email: [email protected]

Message: Mx7orZ iafgvohkzxmv, [url=http://wxmrsloamyhf.com/]wxmrsloamyhf[/url], [link=http://gloukuwmttnj.com/]gloukuwmttnj[/link], http://vmekxmqouktx.com/

It's obviously just gibberish. I checked the links and they don't work. It seems like there is a robot just submitting random data in forms - although note that it managed to pick up that an email should be submitted in the appropriate field.

My question is, is this spam trying to serve a purpose? I would understand if the links led to real websites for meds or malware or something, but they don't. It just seems totally random.

Aside: if anyone is interested, I used the "hidden field" solution to combat the spam. I used a hidden field called "Website", which, if filled in, does not send the email.

Piscary answered 21/5, 2009 at 22:50 Comment(5)
To clarify: Did you use the "hidden field" tool before or after you started getting the spam? In other words, did it help?Atul
After. I was getting one of these emails every couple of hours. Since implementing the "hidden field" captcha, I haven't received a single one. So yes, it's helped.Piscary
Your solution is brilliant. Well done!Thebes
I can't claim credit for the solution, it's something I read about on a blog a long time ago. Googling for "hidden field captcha" should provide more information.Piscary
As you noted, this really is a bit off topic. A few flags came in on it, must have shown up in query results (explaining why I'm closing it over two years later)Emirate
T
3

A possibility is that this gibberish spam was sent to mislead spam filters and reduce their effectiveness. Some spam filters are designed to change their strategy and settings in response to the data they receive - what spam is caught by the filter, and what the user marks as spam. It's just meant to confuse things and add garbage data points - in essence, spamming the spam filter!

Thebes answered 22/1, 2010 at 4:8 Comment(1)
That is certainly valid reasoning.Piscary
R
6

This is something I found on another site that seems to make sense:

"I could be wrong, but I think these are blackhat SEO spammers, looking for blog comment forms or Wikis. By using randomly generated unique "words", they can then do a Google search to find websites where their content has been posted unmoderated.

Then they can go back to these websites, identify if the links have been posted without the rel="nofollow" attribute (which would prevent them contributing to Google's algorithm), and if not they can post whatever spam links they like on those websites, in an effort to boost Google rankings for certain sites. Or worse, use it to post whatever content they want onto those websites (embedded malware?)

So I think this is less to do with mail server exploits and more web site exploits."

Source http://www.aota.net/forums/showthread.php?t=25205

Rollerskate answered 14/7, 2011 at 16:18 Comment(1)
Wow, interesting theory there!Piscary
T
3

A possibility is that this gibberish spam was sent to mislead spam filters and reduce their effectiveness. Some spam filters are designed to change their strategy and settings in response to the data they receive - what spam is caught by the filter, and what the user marks as spam. It's just meant to confuse things and add garbage data points - in essence, spamming the spam filter!

Thebes answered 22/1, 2010 at 4:8 Comment(1)
That is certainly valid reasoning.Piscary
C
0

The purpose of the email may have been to determine if your address bounces, if not then the address could be resold.

It could also be that the URLs were valid at one point in the past but have been taken down.

Conventionalize answered 21/5, 2009 at 22:54 Comment(2)
How would a bot know if the message bounced? They wouldn't know the email address the form is sent to, that's the point of having a form! I also checked several of the URL and they're not even registered so it's very unlikely they were active in the past (AFAIK you have to register a domain for at least a year, right?)Piscary
Ah, I had read the part about using mailto: links and thought that's how you'd gotten the email, in which case it might have had a from or reply-to header where the bounce could go.Conventionalize

© 2022 - 2024 — McMap. All rights reserved.