I have my forum's Contact Us set up so that we are e-mailed via the sendmessage.php form. In the past two days, we've received a lot of strange messages through the form. Here's why I'm thinking it is a spam-bot:
1. The messages are one sentence long, in poorly written broken English.
2. The IP addresses are random--they are not from the same location, in other words.
3. The batch of ten messages we received yesterday arrived within a 15 minute window.
4. The usernames provided are all non-members, and are all short names attempting to sound "American".
Here's the kicker:
5. The subject lines are exactly the same: "united states" in all lowercase letters.
6. The return addresses are all @yahoo.com, with gibberish characters before that.
We also had four messages on the 11th with the same subject line, and the same randomness to usernames and IP addresses. From the 14 IP addresses in these messages, a few are repeats:
205.234.145.223
84.40.23.88
72.21.49.2
216.86.146.11
67.15.188.23
70.86.12.194
65.98.58.250
205.234.145.223
147.202.65.178
67.15.188.23
216.127.74.35
70.86.12.194
64.202.123.207
67.19.241.218
We can just set up a filter to discard these messages since they all have the same subject line, but I know someone can adapt a spambot to circumvent this.
Anyone else see this in their e-mails at all?
1. The messages are one sentence long, in poorly written broken English.
2. The IP addresses are random--they are not from the same location, in other words.
3. The batch of ten messages we received yesterday arrived within a 15 minute window.
4. The usernames provided are all non-members, and are all short names attempting to sound "American".
Here's the kicker:
5. The subject lines are exactly the same: "united states" in all lowercase letters.
6. The return addresses are all @yahoo.com, with gibberish characters before that.
We also had four messages on the 11th with the same subject line, and the same randomness to usernames and IP addresses. From the 14 IP addresses in these messages, a few are repeats:
205.234.145.223
84.40.23.88
72.21.49.2
216.86.146.11
67.15.188.23
70.86.12.194
65.98.58.250
205.234.145.223
147.202.65.178
67.15.188.23
216.127.74.35
70.86.12.194
64.202.123.207
67.19.241.218
We can just set up a filter to discard these messages since they all have the same subject line, but I know someone can adapt a spambot to circumvent this.
Anyone else see this in their e-mails at all?
Comment