MainSoftware Technology Solutions BlogGuide on How to Prevent Website Spam

Guide on How to Prevent Website Spam

Guide on How to Prevent Website Spam

What is spam? Technically spam occurs when scammers or resellers submit unwanted information through online forms to phish or send abusive messages. In other words, form spam is when unwanted messages pass through the website’s forms without the owner’s knowledge. It is also considered a cost-effective form of commercial advertising. If only a few spam message recipients buy the advertised product or services, the spammer will make money. More than 95% of emails sent around the world are considered spam.

Comments are an excellent way for website owners to build a community, and readerships and spammers use scripts and other software to create and post spam there. Comments that look like an ad or a random link to an unrelated site are considered comment spam.

This spam type harms sites in several ways, including:

  • poor quality content in website parts affects the entire site ranking;
  • spam distracts and annoys users and lower the site’s reputation;
  • unintended traffic from unrelated content on the site slows down the site and increases bandwidth costs;
  • Google removes or downgrades pages that are inundated with user spam to protect the search results quality;
  • content dropped by spammers leads to malicious sites that negatively impact users;

Finding ways to protect the website from malicious spam are essential. Below are some ideas to reduce or prevent different spam types on the website.

Reducing Website Spam

Business owners should take the following steps to reduce website spam’s impact.

  • Keep the domain private. Business owners should keep their email addresses confidential when registering the site’s domain. Otherwise, it becomes public. All domain names have a record that email address is on file, and in many cases, anyone can find it for free.
  • Use bait — a hidden question in the online form that indicates who filled it — a human or bot.
  • Block bad countries. There are countries where the most spam comes from. If the website’s audience primarily consists of one or a few countries, you can block all other countries from viewing the website.
  • Using reCAPTCHA. Adding a reCAPTCHA to your forms is a great way to prevent spam bots from filling out your website forms and sending spam. The other way is using a security question or image to verify a human or bot completes the online form.
  • Prevent email collection. There is a chance to collect email addresses by spambot programs when providing websites. One way is to replace email with an email image. Bots read the text and do not read email addresses, but people can still see them.

Guide on How to Prevent Website Spam

Spam is big business. Spammers are getting more and more creative to get through tools blocking spam. They use sophisticated spambot programs, and many even employ low-paid people to post their spam messages. It is nearly impossible to stop an actual human from submitting spam manually on-site forms. There is no universal solution to catching all spam types. Using multiple methods helps.

Other Website Protection Methods

There are some other ways to protect websites from spam flow. Website owners can restrict unwanted flow by using tricky anti-spam questions.

  • Math questions.

Who is better at counting, man or machine? The bot only needs to convert the question text into a mathematical expression, and the answer is ready. Forcing users to respond with letters rather than numbers can lead to spelling problems and doesn’t necessarily prevent bots from using the built-in dictionary (1 is one, 2 is two, etc.).

  • Issues with string operations.

Examples:

Question: Type in the middle the four letters “woeforbots”

Answer: ban.

Q: Type “noitseuq” backward.

Answer: question.

This may work for a while until the bot makers implement the terms you use and what you mean by them (middle X’s, first X’s, last X’s, reverse, etc.) into bots.

  • Logic questions.

Example:

Question: Determine Which Item Is Yellow — RoadBananaRedHouse.

Answer: banana.

When bots come across a question that requires specific knowledge, they can try to search for it on Google. If the question is too specific and the answer doesn’t immediately appear in the search results, brute force is the only way to get through. By brute, we mean bot programmers trying to learn every anti-spam question and then include the answer in the bot.

The more random questions you have, the more difficult it will be to include all the answers in the bot. Many bot creators give up when they see more than ten random logic questions. It is good practice to change questions or add new ones from time to time.

Implementing Time Analysis

A person needs up to 5 seconds to fill out a registration form on the site. It is necessary to enter the email address, name, and other information requested from him and click the button to confirm the subscription.

It takes a person’s time to enter all this data. However, bots are not limited by the passage of time. They fill out the form instantly.

Tracking form completion times is a great way to check all registered email addresses initially. You may also adjust the time depending on your personal needs: the number of forms and fields you need to fill out.

Take it into account when setting the cutoff time. However, there are some disadvantages. Having autocomplete options allows user databases to populate contact questions that they also use automatically.

Setting time limits makes the process time-consuming, but they will be beneficial if your forms require additional information or work.

How to Prevent Inbox Spam?

There is no one-click solution to prevent spam from accumulating in the inbox — it’s a balance between prevention methods and email filters.

What to do? The email owner should take the following steps to prevent spam flow to the inbox.

  • Keeping email addresses private. Give your email address to well-known people and not post it in free access on the Internet.
  • Using a contact form on the website is a safe alternative to posting your email address.
  • Turn on domain privacy for all your domain names to hide your email address.
  • If you need to send messages to many recipients, use the BCC field to hide them from other recipients.
  • Setting up a spam filter when creating an email account. You can start training filters right from the start.

For the above points to work effectively, you should not do the steps below:

  • Don’t click spam. Spammers keep spamming because people keep getting scammed. Never click on suspicious links; otherwise, you risk ending up in the spammer database, and they sell the valid email address to other spammers with the assurance that the email address is legitimate.
  • Do not use short and very simple usernames and aliases. They are the easiest to collect and, as a result, are more prone to spam than the longer, more unusual ones.
  • Do not use real email addresses to subscribe to free downloads of any kind on the Internet. Create a unique address just for it, as you can delete it at any time.
  • Do not open suspicious-looking emails or attachments. Some spammers hide malicious viruses that infect a computer in email messages or attachments.
  • Do not make purchases suggested in the spam messages you receive. Only a few sales make spam cost-effective for spammers.

Spammers are annoying, and as long as the cost of spamming is much lower than the return, there will always be spammers. And the arms race against spam bots will continue to escalate. But hopefully, with the combination of the tools listed here, you will have a strategy that will last for several years.

Ivan Kolesnikov

About the author:

Ivan Kolesnikov

Experienced professional in programming.

Learn How We Can Help

See what running a business is like with Global Cloud Team on your development. Please submit the form below and we will get back to you within 24 - 48 hours.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.