« Tom Siebel finds a new career as legal reformer | Main | Microsoft: listen to our sales rep, he knows best! »
Comment spam made easy
If you thought that forced registration and Captcha human verification technologies solved the bulletin board spam challenge, you were wrong.
Security vendor Panda on its blog is demonstrating an application that will leave 1,500 spam comments on bulletin board in 15 minutes.
Xrumer slices through captcha verification and forced registrations – all are designed to verify that the poster is a human being rather than a spamming computer.
The $450 application offers an amazingly simple user interface. In a few clicks, the spammer creates a new email address with a free provider, sets up keywords for bulletin boards that he/she wants to target and creates the actual spam message. Xrumer takes care of all the rest: it will decipher the captha codes. If registration is required, it will await the confirmation emails 'click' the activation link and post the spam.
Xrumer only targets bulletin boards running common scripting languages such as PHP, most likely because they are easy to find. But it will only be a short stretch to imagine a similar technology getting unleashed towards blogs, and we're in comment spam hell all over again.
- No link provided to Xrumer's website - as a policy we don't link to potentially harmful applications.
Spanish
So....what are the best defenses against comment spam and form spam?
Posted by: Rick | July 31, 2007 3:58 PM
RE: Rick
Same as with email spam. There is no 100% solution. ban IP addresses, asked for human verification and manually scan all comments. Spam is a fact of life I fear.
Posted by: SV Sleuth | August 3, 2007 12:09 AM