Spam is a widespread issue with many and all websites that accept user input. Whether be it a contact form, a comment system, a forum, or any other type of service, you are subject to spam. Ever since the fight against spam begun, hundreds of prevention tools have arisen, with some failing and some succeeding to a certain level. Since spam is a problem with small or large websites, applying prevention systems is a definite must.
But first what is spam, and what does it mean to a non technical person.
Any content that does not provide a reasonable ROII (return-on-investment for an interaction) for the reader or is self-serving or simply useless, the reader will mark it as spam. Sometime posting something that may be assessed, as “spam” is the fastest way to losing credibility.
Spam was born in 1978 and that was also the year that brought the first unsolicited commercial email message (later known as spam), sent out to 600 California Arpanet users by Gary Thuerk.
Spam in different mediums
Email : Email spam, also known as unsolicited bulk Email, junk mail, or unsolicited commercial email, is the practice of sending unwanted email messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients.
Instant messaging: Instant messaging spam makes use of instant messaging systems. Although less ubiquitous than its e-mail counterpart. As instant messaging tends to not be blocked by firewalls, it is an especially useful channel for spammers. This is very common on many instant messaging systems such as Skype.
Newsgroup and forum: Newsgroup spam’s a type of spam where the targets are Usenet newsgroups. Spamming of Usenet newsgroups actually pre-dates e-mail spam. Usenet convention defines spamming as excessive multiple posting, that is, the repeated posting of a message (or substantially similar messages).
Forum spam is the creating of messages that are advertisements on Internet forums. It is generally done by automated spambots. Most forum spam consists of links to external sites, with the dual goals of increasing search engine visibility and generating more traffic for their commercial websites.
Mobile phone: Mobile phone spam is directed at the text messaging service of a mobile phone. This can be especially irritating to customers not only for the inconvenience but also because of the fee they may be charged per text message received in some markets.
Social networks: Facebook and Twitter are not immune to messages containing spam links. Most insidiously, spammers hack into accounts and send false links under the guise of a user’s trusted contacts such as friends and family. As for Twitter, spammers gain credibility by following verified accounts such as that of celebrity; when that account owner follows the spammer back, it legitimizes the spammer and allows him or her to proliferate.
Online game messaging: Many online games allow players to contact each other via player-to-player messaging, chat rooms, or public discussion areas. What qualifies as spam varies from game to game, but usually this term applies to all forms of message flooding, violating the terms of service contract for the website.
Spam targeting video sharing sites: Yet another kind is actual video spam, giving the uploaded movie a name and description with a popular figure or event which is likely to draw attention, or within the video has a certain image timed to come up as the video’s thumbnail image to mislead the viewer, such as a still image from a feature film.
How Spam bots Work
Now that we have covered different types of spam, let us dive right into how these spam bots work. Spam bots intelligence is based on how complex the creator of the bot made it. For example, the majority of spam bots we know about that bypass image verification systems such as CAPTCHA are built mainly as OCR systems. Therefore, what image verification systems they can bypass really depends on how simple or complex their OCR system is. Other simple spam bots include mathematical computation bots that bypass mathematical type spam prevention questions.
Now I would like to share some spam prevention tools for a website owner. No matter how much you try to stop spam, you may still get some sort of spam from time to time.
Akismet
Akismet is so crucial to a WordPress blog it even comes pre-installed. All you need to do is sign up for an API key from WordPress.com in order to activate the plugin.
What does it do?Akismet works on the front line in the battle against spam. It picks out spammy comments from your blog and helps protect your site against those pesky spam bots.
Akismet, Automattic (the company) kismet, is an anti-spam prevention tool first created for WordPress. It precisely removes or un-approves comments that seem to be spam by using its own complex algorithm as well as from continued usage. Akismet has been doing a great job of removing spam from blogs or other services with a low report rate of it actually removing user posted comments caused by mistaking them for spam. Due to the success of Akismet for blogs, their API has broadened its reachability making it available to anything you decide to implement it for.
reCAPTCHA
reCAPTCHA, an acquired project by Google, adds an extra layer of security to all your forms using a new twist to standard image CAPTCHAs.
Here is how it works: Pages from physical books are scanned and digitized, and then the text is identified using a process called OCR (Optical Character Recognition), leaving an imperfect result, with words that have not quite been kept in their original format.
For example, a sentence such as “This aged portion of society were distinguished from” was recognized by the OCR as “niis aged pntkm at society were distinguished frow”, however, because OCR is not perfect, it is what creates the CAPTCHA system. All words that were not quite clearly recognized are used for the CAPTCHA image for humans to identify. Now that you know what is behind the project, we will dive right into its benefits and how it can help you prevent spam.
Despite the process of how reCAPTCHA works, the words selected are slightly distorted to make it difficult for bots to distinguish. With that said, we can easily identify the correct combination while bots struggle, making reCAPTCHA a great solution for added security for your forms as it definitely beats the use of using other basic CAPTCHA methods.
Despite all that we have mentioned, there are a plethora of other spam prevention systems that have sprouted to fight the ongoing spam dilemma and the type of spam prevention measures you take really depends on how your service or website is intended to be used.
How do you prevent spam on your own site(s)? Please take a minute to leave a comment below, I’d love to know how you deal with this issue. For us this has been a very immportant issue for a long time.
On some of our sites we had to stop commenting. There was too much comment spam, resulting in huge headaches for us. Seriously, it took up a lot of our time — time we wanted to spend on something better then moderating comments, or spent with the family.