Skip to main content

Spam despite captcha

Everyone has probably had problems with spam on their own website. Whether you allow comments on the blog or operate a forum - wherever users can make entries, there is a risk that spam will be published on a massive scale.

What does spam do for the person who spams?
The mass cluttering of certain blogs, forums, etc. ideally generates a small amount of attention for the advertised website, be it from the webmaster who clicks on the links out of interest or from the user who accidentally or intentionally clicks on the links and thus causes some traffic on the target page. The spammer then uses this traffic to generate advertising revenue or to push websites to higher places in search engines through massive linking (this is a very dubious method with extremely dangerous side effects). You can make a lot of money with this alleged search engine optimization and with advertising revenue generated in this way. There are probably more scenarios, such as spreading malicious websites that infect computers to use as bots. In order to be able to list all the spammers' motives, you would probably have to be active in the industry yourself.

Can you prevent spam with Captcha's?
Not quite. Although the first Captchas may have worked quite well, almost no Captcha is now 100% secure. After a little research, using the search term "Captcha bybass" or "Captcha Decoder" you can find tons of providers who bypass Capchta's of all kinds for small sums ($7 for 1000 ReCaptcha bypasses, other Captcha methods starting at $1.5). Programs are written that probably work like an OCR program and have a success rate of 50% to 95% depending on the Captcha method. With a sufficiently fast internet connection in conjunction with a fast computer, you can easily crack several 1000 Captchas in a minute and thus place the message on the respective page.

Spam damages your own site!
Anyone who has a lot of strange comments on their site and perhaps even has links to sites that are not reputable or even harmful can harm their own website in search engine rankings. Visitors to a website filled with spam will also find this dubious.

How can you protect yourself against this?
The best method currently seems to be a combination of captcha's and anti-spam databases. There are many anti-spam databases, the best known is probably projecthoneypot.org. After a short search on extensions.joomla.org, we found the SpambotCheck plugin, which queries several such databases and compares the visitor IP with them. If spambots are detected, they are simply blocked. Data protection problems cannot be completely ruled out, as IPs are constantly compared. Despite all of this, 99% of spammers should be filtered out because these databases are fed by many users and are therefore very up-to-date.

Categories

Important contributions

Popular posts