Since the beginning of the Internet SPAM or Unsolicited Messaging has been around. Actually even before the World Wide Web was official cases of SPAM abuse were reported on USENET and other networks. Back then it was limited to Email and messaging occurrences as webpage forms had yet to be invented. Now however, Internet Spam takes many forms and Spammers use many different methods to perpetrate their crimes.
At first Spam messages were sent manually one at a time to many different addresses. This didn’t last long however. Shortly people were using automation to automatically send these messages out to hundreds or thousands of addresses on a list. Thus, the age of Spam was born.
With the event of server side applications, Java and other programming languages used to make the World Wide Web more useful came online forms where users could send information to businesses and website owners. Again, the Spammers of the world saw the opportunity to create chaos and started using these forms for their evil doings.
But why send form spam? A couple of different reasons. One is just to be a pain in the posterior and cause web developers much angst by receiving hundreds or thousand of form entries that are all invalid. Another is to try to elicit a response from a valid Email address. This Email address then can be added to their listings for other Email Spam mailings or sold. The other reason is that the Spammer is actually trying to hijack the websites server into sending their spam for them. By changing the form to include BCC’s they can in some cases have the web pages server do their dirty work without even knowing it.
But of course doing this manually takes too much time and energy so Spammers have built robots or bots to do this work for them. They program a “spider” bot to transverse through the Internet and find online forms. They then do the dirty work automatically and can spam hundreds of sites in a short period of time. Yay technology!
So to fight the onslaught a device called Capthca was invented. You’ve all seen it. It’s the crazy words at the bottom of the form you have to figure out what the heck they say and type them in a box. While this does reduce the bots ability to spam the form in some cases, Capthca is not perfect by any means. Again technology has helped the spammers out. Character recognition software can read these Capthca words even better than humans in some instances. The ones that can’t be read usually can’t be read by humans either! Captcha is frustrating at best.
Other methods are starting to pop up as well. One that works quite well is using pictures instead of words to verify a human user. Images have the upper edge on words as computers cannot make out pictures at all and humans can very easily. Anyone can see a picture of a duck and know it is a duck, not an airplane, car or sabre tooth tiger. Even children can use this easy option. Bots cannot differentiate one picture from any other picture. Even if picture recognition software was developed, it would be extremely hard to reproduce the ability of a human to differentiate background, foreground and minor picture components from the main focus of the picture. One program that does an extremely good defeating Robots by using picture technology is SpambotAssasin. SpambotAssasin uses 3 pictures randomly pulled from a gallery of hundreds of pictures to display. Along with the picture is a list of possible picture subjects like car, truck, duck, airplane, boat. The user just clicks the correct subject and they are off.
SpambotAssasin uses technology that is un-bustable by the spam bots. The pictures reside on the SpambotAssasin server and are randomly served to each form. Webmasters have the ability to change randomization and cookie formation to a degree that will make it even tougher for the bots to seize the day.
SpambotAssasin is brought to you from RCE Websites.