Message Board

Newbie/Basic Questions

Older Posts ]   [ Newer Posts ]
 "Complete Obfuscation" SPAM'd
Author: J.Yard2   (21 Apr 07 7:33pm)

This past week I changed our contact email address and implemented it using the “complete obfuscation” JavaScript method with address broken up in an array and assembled by client side JavaScript execution. It’s only been a few days and I’ve already received 2 SPAMS at the new address. Honey Pot hasn't received any though.

There must be some JavaScript executing bots out there or the bots are identifying sites the spammers should go look at manually.

Thoughts?
 
 Re: "Complete Obfuscation" SPAM'd
Author: M.Prince   (21 Apr 07 11:28pm)
Interesting. I'd add another possibility to the mix: Your email address was dictionary attacked because you used a "username" -- the part in an email address before the @ sign -- that was within the common list of dictionary attacked usernames. Next week we're going to begin publishing the list of the top dictionary attacked usernames.

It also could be that some spiders are executing Javascript. I've seen some built on top of IE, but they're terribly slow and prone to traps that send them into infinite loops. Could be people surfing your pages and entering your address.

But, given the tests we continually run, if I had to bet on one of these possibilities, I'd put my money on the dictionary attack.
 
 Re: "Complete Obfuscation" SPAM'd
Author: J.Yard2   (22 Apr 07 12:19am)
The name is a single digit followed by a 3 letter word, followed by a hyphen, followed by an abbreviation. Obviously you could go to my site and see what it is if you like. I don’t know, maybe you already have. I know it's not the strongest anti dictionary attack name but doubt it would have been found by chance in literally just a couple of days.

I was thinking maybe some bots are logging suspect sites for the spammer to go manually grab addresses and feed them into a db. This would be a way to diminish the usefulness of Project Honey Pot.
 
 Re: "Complete Obfuscation" SPAM'd
Author: J.Yard2   (22 Apr 07 2:39am)
Found where they got it from. I missed a page in one of the sub-domains, so it was right there in plan sight. Arg.

Post Edited (23 Apr 07 4:21pm)



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–25, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email