Why website spam can be a sign of danger!

Spam via a contact form on your website isn’t fun. You get your hopes up when you see a few enquiries come in, only to have them dashed that they aren’t real, it’s just some obscure people from Russia, the USA or China trying to sell you some blue pills, or are they?

Like in Jurassic Park where the velociraptors test the defences of their enclosure for weaknesses, so do spammers see what they can get through a website’s defences. 

I’ve been building websites since 1998. At my first job, we built websites in Notepad (which was a simple text editor), and contact forms were written in HTML using an external Perl script in a CGI-BIN folder. I know that’s probably gobbledegook to most of you. To this day I think of CGI as standing for Common Gateway Interface, not Computer Generated Graphics. 

This was back in the early 2000s and spam was just a bit of a nuisance back then. A few years later it was becoming a real problem. Often contact forms could get hijacked from an outside source and send out masses of spam using that form’s code. We had to put better and better measures in to combat it and it’s a constantly changing landscape, which feels like an arms race between spammers and us website developers. We look after hundreds of websites, most of which have a contact form of some kind as having a visible email address means the risk of direct spam is highly increased. 

Just to clarify there are lots of types of spammers and hackers, ones which target computer systems as we’ve seen in the NHS and some targeting operating systems on smartphones or computers. This article is purely about website security, whilst similar in approach there are some differences in how to keep safe.

Why do spammers target websites?

There are two types of hackers, ones with nothing better to do and who are just playing and seeing what they can get away with, they’re not much better than common vandals. The other is people with some clear intent, it may be they think they’re working for some greater good, or extorting money or information from people.

If your website is targeted, it’s far more likely it’s a bored teenager who’s let written and let loose some kind of bot onto the web to see what it can do. Perhaps they think they’re going to get famous, it has happened.

What’s the danger apart from spam being annoying?

If you’re site is targeted and the security poor enough that the spammers are able to send out masses of spam, it could get your mailserver blacklisted. If your email is on shared hosting with your website, your hosting provider could take down your service altogether, until the bug is fixed on your site.

Another scenario is the spammers find a weakness and hack into your site, this may lead them to adding inappropriate content or take your site down completely. 

What can be done about it? 

If you have a WordPress or Drupal website then keep all the software up-to-date, and all the backend server stuff too. If that’s too technical call us. You may need an expert to help. For all of our websites, we monitor and add extra measures to keep spam to a minimum as well as keep all the security up-to-date!

Get help with your website now