How you can Stop Spam Emails (well, at least slow em down!)
There is one REALLY annoying downside to having a website and that is the constant flood of spam that will inevitably fill your inbox from sellers, scammers and worse.
Let’s stop em!
IMPORTANT NOTE
If you use one of the big email providers eg. gmail, hotmail etc. it is VERY important that you do NOT mark emails from your site as spam.
When you do this, firstly, your are telling your email app that future emails from your site should be put into the spam box so you may miss future emails. Worse still, too many reposts and your site could be blocked from sending emails to anyone using the same email system so you may not be able to respond to enquiries.
the Whys and Hows of Online Form Spam can help you stay protected
The most common question my customers ask is Why do they do it?
While we may think it’s a pointless waste of time for them & us.. Unfortunately it’s not, and here some reason why..
1. marketing & Promotion:
Spammers often use form bots to disseminate advertisements. By flooding online forms, comments sections or forums with their content, they are trying to reach a broader audience and promote their products or services to you directly or, in the case of comments & forums, on your site.
2. SEO Manipulation:
This is particularly on sites that allow comments from non-registered visitors. What they are trying to do is artificially improve their website’s search engine ranking by spamming your sites comments hoping that these will be displayed on the site. They will do this by posting links back to their sites in the spam content. This practice, known as black-hat SEO, artificially boosts their link count
3. Harvesting Email Addresses:
Bots can fill forms to collect email addresses and other personal information, which are then sold to third parties or used in further spam campaigns.
4. Denial of Service (DoS) Attacks:
Bots can send thousands of emails and can used to overload a website’s server by submitting forms en masse, causing a denial of service and making the site unusable for legitimate users.
5. Phishing and Malware:
These spammers will use Bots to spread malicious links leading to phishing sites or malware downloads. Because your sites email form won’t let them ‘format’ the email that you receive from the form, these are not as sophisticated as ones sent direct to your email address but you still meed to keep your wits about you! Unsuspecting users who click links risk having their personal information stolen or their entire systems compromised.
Little effort, big rewards
When I had my first experience with spammers, I really couldn’t understand why they bothered. The trouble is, it really is no bother for them as they can send out tens, or even hundreds of thousands of emails without having to lift a finger. It therefore only takes one recipient to allow their comment on their site or worse, to click a link in the email, and it’s worthwhile.
1. Increased Traffic and Sales:
By promoting their products or services through spam, spammers can potentially increase traffic to their websites and convert some of that traffic into sales. While this can eventually result in sites being blocked by the searches, they can just start another
2. Data for Malicious Use:
Harvested email addresses and personal information can be extremely valuable, either for direct use in phishing attacks or for sale on the dark web.
3. Competitive Edge:
Through SEO manipulation, spammers can achieve higher search engine rankings than their competitors, gaining more visibility and attracting more visitors. This can be used, for example, by companies who want to sell domains. They can inflate their position in the searches and hope they’re sold it before the searches block it
4. Financial Gain:
All of the above benefits can then convert into financial gains, either through direct sales, selling data, or receiving payments for promoting malicious links.
So what can we do?
We previously used a custom anti-spam system built in house which used a range of, even if we do say so ourselves, cunning tools to beat the spammers, however, this was very specific to our sites and simply not possible to implement in systems like WordPress so we have to look at other alternatives.
1. CAPTCHA:
The use of CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) can effectively block bots by requiring users to complete tasks that are difficult for automated systems to perform.
2. Honeypots:
These are hidden form fields that are hidden from legitimate users but bots will still see them. The idea is that if these fields are filled, it must have been completed by a bot so can be discarded.
3. Rate Limiting:
This restricts the number of form submissions from a single IP address within a specified time frame. While this doesn’t stop the spam, it does prevent bots from overwhelming the server.
4. Advanced Bot Detection Services:
There are various services like Akismet, Google’s reCAPTCHA, and other machine learning-based systems can identify and block suspicious activities, providing an extra layer of security.
5. Regular Monitoring and Maintenance:
Updating and monitoring your site’s security measures can help identify new threats quickly and adapt accordingly. Keeping software and plugins up to date is also essential to patch vulnerabilities.
6. Content Filtering.
This is relevant to sites that allow visitor comments to be displayed. Implementing content filtering mechanisms that scan and filter suspicious or known spam content can help keep spam submissions down.
7. User Authentication:
Requiring users to register or authenticate before submitting forms can dramatically reduce the likelihood of spam since bots often target forms that don’t require authentication and use emails that don’t exist so the registration can’t be completed
So what can you implement on your site?
What you are going to be able to add to your own site will depend on several factors. If you have someone who looks after your site then we’d recommend talking with them first as they may well have some of the tools mentioned above that they can implement for you.
If you look after your own site, then have a look at adding honeypot fields to your contact forms and, if you’re reasonably tech savvy, then we’ve found Google Captcha V3 works well.
Conclusion
Spam Bots pose a significant threat to the functionality and security of all websites. Spammers use these bots for often illegal financial gain, distribute malware and manipulate search engine rankings, among other malicious activities.
While difficult, they’re not impossible to stop and by implementing the security measures mentioned above, our customers and other website owners can create a very effective system for their prevention.
Note though, these measures only prevent emails sent through your sites contact form and DO NOT stop spam sent directly to your email address . We will cover this is another post, however, we do recommend that your email address is not published on your site as this makes it way to easy for spammers to get hold of!
What is HEIC format?
Why Migrating your site makes sense
3 West Street
Leighton Buzzard
Beds
LU7 1DA
t/a Driving Instructor Sites
©2024 Melgab Media Ltd
