[conspire] Web spam and yandex forms
Ivan Sergio Borgonovo
ivan at webthatworks.it
Tue Dec 7 14:32:30 PST 2021
On 12/7/21 21:51, Akkana Peck wrote:
> I'm having a security issue with a website I run, and I'm hoping
> some of the security experts here might be able to help me
> understand what's happening.
> think someone will click on the URL? Apparently yandex is Russia's
> version of Google, and you can make custom forms like with Google Forms.
Sort of... I'd guess the most interesting thing in this case it offers
free email.
> But I still don't really see what good it would do a spammer ...
> unless maybe it's an attempt at a DDOS on yandex (googling on yandex
> found stories about such a DDOS a few months ago).
Probably they are using your form to send out spam.
They fill in the potential target email as the registration email and
use other fields of the form in the hope they will get into the body of
the email.
Generally each contact/registration form send a copy to the website
owner and one copy to the "sender" as a receipt.
You should add some captcha in the registration form.
--
Ivan Sergio Borgonovo
https://www.webthatworks.it https://www.borgonovo.net
More information about the conspire
mailing list