Saturday, November 22, 2008

Counter Measures

The ways spam can be sent to you are many and varied: from the hijacking of your associates yahoo or hotmail accounts, unexpectedly allowing your email address to be added to an unscrupulous mailing list, or just displaying your email address on your website for all to see.

NEVER put your email address on the internet. You may wish to make it easy as possible for your customers to contact you or to attract sales. All you will attract is flies to your inbox.

The workaround for lacking an email address on your website is the ubiquitous contact form.

Even these are are vunerable - as is illustrated by the first sentence of this article, received by a client via a form on their website intended for inquiries regarding their wares. This, along with "amateur boy dick" and "young gays" had very little to do with their daily business.

It's a misconception that people visit your website in order to send these messages, fortunately not so. One of the points of spam (when it isn't an out and out scam) is that you will hopefully click a link in the spam email, go to that webpage and click legitimate advertising in that page, earning the owner money. For it to be worthwhile thousands of these messages need to be sent out. Even in the current economic climate it's still not worth it for an individual to find and fill in these forms. So it all happens with little programs that run around the internet, looking for forms to fill in and send. This may conjure up images inspired by the movie Tron, thankfully this software is considerably more dumb, for now.

I've developed several techniques to overcome this automated process.

Look at the contact form of sites I've recently developed and you will find a question: "What colour is grass?" ("¿De que color es el pasto?" on websites en Español). Within my programming that sends the form contents to you is a bit of code which makes sure this is answered correctly, if not, the entry is rejected. As the form requires physical interaction with the page (clicking on a pulldown menu and selecting the answer) this cannot be carried out by an automated process.

The benefit of this over the more standard "Captcha" method (where you have to type in the numbers and letters displayed in an image) is that Captcha can be so obscure at times it's too confusing for even a human to decypher, and at some point Optical Character Recognition software (OCR) will become sophisticated enough to overcome this.

To counter any future developments in spambot software I'm extending this feature to generate a random selection from a large pool of questions, so until we have artificial intelligences patrolling the internet trying to sell you "Herbal Male Enhancement Pills" from a canadian pharmacy, your email should be quite immune to spam, at least where your website is concerned.

So, if you're looking at my customers websites and wonder why they want to know the colour of the sky, or what sound a cow makes before contacting them, it's all just part of the fight against online villainy.

No comments:

Post a Comment