Receiving some nonsensical spam - what is its purpose? [closed]

StackOverflow https://stackoverflow.com/questions/895661

  •  23-08-2019
  •  | 
  •  

Question

Technically this might not be classed as a programming question, since I have already implemented a solution. But it's an interesting issue in the tech field nonetheless.

Anyway... I set up a basic contact form, without any spam protection. On discovering that it wasn't working, I ignored it and set up a Javascript to change all links pointing to the contact page to use mailto: links instead. (I intended to replace the form with an appropriate message about contacting me.) I discovered yesterday that the form is now suddenly working, because I'm getting spam from it. Here's an example:

Message received from contact form.

Name: pvenvoqks
Email: allceh@bxyzsn.com

Message: Mx7orZ iafgvohkzxmv, [url=http://wxmrsloamyhf.com/]wxmrsloamyhf[/url], [link=http://gloukuwmttnj.com/]gloukuwmttnj[/link], http://vmekxmqouktx.com/

It's obviously just gibberish. I checked the links and they don't work. It seems like there is a robot just submitting random data in forms - although note that it managed to pick up that an email should be submitted in the appropriate field.

My question is, is this spam trying to serve a purpose? I would understand if the links led to real websites for meds or malware or something, but they don't. It just seems totally random.

Aside: if anyone is interested, I used the "hidden field" solution to combat the spam. I used a hidden field called "Website", which, if filled in, does not send the email.

Was it helpful?

Solution

A possibility is that this gibberish spam was sent to mislead spam filters and reduce their effectiveness. Some spam filters are designed to change their strategy and settings in response to the data they receive - what spam is caught by the filter, and what the user marks as spam. It's just meant to confuse things and add garbage data points - in essence, spamming the spam filter!

OTHER TIPS

This is something I found on another site that seems to make sense:

"I could be wrong, but I think these are blackhat SEO spammers, looking for blog comment forms or Wikis. By using randomly generated unique "words", they can then do a Google search to find websites where their content has been posted unmoderated.

Then they can go back to these websites, identify if the links have been posted without the rel="nofollow" attribute (which would prevent them contributing to Google's algorithm), and if not they can post whatever spam links they like on those websites, in an effort to boost Google rankings for certain sites. Or worse, use it to post whatever content they want onto those websites (embedded malware?)

So I think this is less to do with mail server exploits and more web site exploits."

Source http://www.aota.net/forums/showthread.php?t=25205

The purpose of the email may have been to determine if your address bounces, if not then the address could be resold.

It could also be that the URLs were valid at one point in the past but have been taken down.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top