This is a trivial question but I want to understand how spam works. On my site I get a contact us form submitted every night between 2:30am to 3:00am. There is not message in the form and I know it is a spam. But my question is what type of spam it is? Why not post something when you submit, whey not post it multiple times, why just one time, why only at this time of the day? What type of spam it is? Are there different of of it?
Asked
Active
Viewed 87 times
1
-
"There is not message in the form" - Presumably this is already being rejected (failed validation) and the contact email is not actually being sent (and you are reading this submission from your logs) - or is it? – MrWhite Jul 28 '16 at 13:40
2 Answers
2
It could be an automated SQL / Javascript injection script attempting to hack your site, your address must be on some sort of database.
I would suggest implementing a CAPTCHA in order to be sure that your users are human.
Digital Lightcraft
- 839
- 2
- 9
- 20
-
yes, I am already aware of these security feature and I did not put them in yet because the site is not active yet. But want to know, what type of spam it is... – TheTechGuy Aug 01 '12 at 15:15
-
1Ok. I dont think its "Spam" at all, its (probably) a bot trying to hack sites, the fact you receive a blank email is just a consequence of the submit button being activated. – Digital Lightcraft Aug 01 '12 at 15:18
-
every night just one hit between 2:30am to 3:00am. How can that be a hacking effort if it just one click essentially and For 3 weeks! – TheTechGuy Aug 01 '12 at 15:21
-
1As John Conde says below, one submit can spawn multiple email instances to be sent. I SERIOUSLY suggest securing it ASAP - one of my servers got a spam bit virus once, and my IP was blacklisted as a spamming address for over a year. – Digital Lightcraft Aug 01 '12 at 15:29
1
An automated bot may be using your script to send spam out to other users. You may only see one email but using header injections they're spamming countless other people. Besides putting in the usual anti-bot mechanisms make sure you also filter out unwanted content from the user submitted content to prevent the injections which can still happen from manual submissions.
John Conde
- 86,255
- 27
- 146
- 241
-
btw I will put the IP info in the email so I can trace it better. Just want to know what it is :) – TheTechGuy Aug 01 '12 at 15:23