I have been having a problem with receiving spam-like entries in the Guest Book of my Personal Web Space. I have been receiving them periodically for several weeks. They are all different but all are similar to the following:
submitted on June 16, 2011 6:06 AM EST
Email Address: 31343
XR1200OwnersGroup.com username: 7733
The bold text in the above are my field entries. The numbers and link-like responses are typical of the Guest Book entries being received.
Anyone know what these are, or how to stop them? I was not sure at first whether they might be sent by someone in a foreign country with a different font set, but the randomness makes them look machine generated. Do these appear to be some kind of spamming or hacking attack?
I would like to figure out if these are a problem with the system recognizing valid guest book entries, or if these are some kind of machine generated spam that could be stopped so that they don't become the majority of entries in my Guest Book.
06-16-2011 09:31 AM
Robospam --- yes, some idiot spammers are actually stupid enough to think people might be tricked into following their links if they fill out feedback type forms such as yours and submit it (well actually, some people are actually stupid enough to click on the links).
This is why you see a lot of forms with those annoying "captcha" challenges (the squiggly letters/numbers on weird styled backgrounds that you have to type in to verify you're a "real" person).
06-17-2011 03:21 PM
Could be robospam, but I am not convinced. I am now getting up to two or three of those guestbook entries a day - and my web site is a small personal site with fairly small readership. I am pretty careful about opening strange links and e-mails, but I did check a couple of the links in the guestbook entry which I posted (from a very well firewalled and protected computer) before I postd this query, and they do not appear to be real links - just random characters strung together in an http format that did not connect to anything..
So, I guess I am still wondering whether I am actually getting spammed, there is a problem with the Verizon guest book processor, or these might be coming from an international address with a character type that is not recognized on my computer.
If it is robospam, it is robospam, but has anyone else seen entries like these in their Verizon guest book?
06-18-2011 08:00 AM - edited 06-18-2011 08:05 AM
While it is odd that it's all numbers, I still believe you're just ealing with another form of robospam.
Here's a reference link ....
You can search for "comment spam" for lots of other articles on this. The size of your site doesn't matter ... if a spam generator finds you it will post at will in hopes of getting someone to bite. The random character strings have a couple of potential uses -- in some cases it's a cross-site scripting attempt or buffer overflow attack looking to see if they can exploit something on your site, in others it's just random sequences which are meant to defeat filters on comment posting sites that are looking for common "spam" posts -- insert a bunch of random junk in various spots in the post attempt and you often can defeat these.
Would be interesting to see if anyone else sees similar behavior.
06-19-2011 09:44 PM
Are you also getting legitimate entries? I agree that it looks like robospam, but if you aren't getting any entries other than these it might be an issue with the code.
06-26-2011 03:58 AM
Thanks for the thought. As a quick fix I took the GuestBook link off my home page, inserted a link to it in a text block so that the primary link is not viewable on the site, and added a warning under it not to send spam since I don't share the info and would refer the spammers to the FTC. Kind of cumbersome but spam-type entries have fallen from their peak of a couple per day toward the end, to nothing for the moment.
Since I have gotten a couple of valid entries following the change, I'll presume that the GuestBoiok is working fine and something/somebody was just probing before. Kind of a shame, because the spam caused me to make the GuestBook page a little less accessible which may discourage a few people from using it. At this point my guess is that somebody was searching for ways to harvest guestbook info, rather than post spam but regardless, for the moment it has stopped.