I'm here to seek the help of some experts.
I have been receiving spam through one of my websites contact form. I can't understand why this person is spamming me, as they never include a link to their page, just a name, and a fake/random email address. The form emails the contents anyways, so it would never post to my website even if they were.
Here are the steps I have taken:
Manually reviewed IP address, and blocked all from spammer. They get a new IP within minutes. All different states and different ISPs.
Reviewed and blocked common referrer's. This has rendered pointless as they have a new referrer with each submission.
Set CloudFlare to the highest security setting possible.
Inserted a manual blacklist blocking common fake email domains they were using (123.com, gov.com, abc.com, etc.)
Changed internal CAPTCHA to ReCAPTHCA.
Using "hidden field" spam prevention.
Used HTAccess to block most proxy services. Again, pointless.
There are no patterns to the submissions. Fake names, and fake emails, along with new referrers, new IPs, new User-Agents. It's making me go insane.
For the life of me, I cannot figure out how to block this person, or understand why they are spamming me to begin with. I thought maybe it was referrer spam, but my logs are not accessible, and the referrer's site can also be generic, like Yahoo. The only reason I can tell it is the same person, is because the volume, and the fact that the names always have a middle initial, and the emails are always capitalized the same way "FirstMLast@Somedomain.com".
I manage over 300 sites, similar in product and audience and all using the same form code, and this is the only site experiencing this issue.
It started out as annoying, but now it has become problematic, as my sales staff is having to filter through dozens of these a day, to find out that they are not legitimate request.
Any help/insight would be greatly appreciated.
Any experts out there?
Has to be related to your form. Reads like a spam bot, that just keeps hitting your site. Which leads me to believe your CAPTCHA isn't working properly, as that should stop it. I don't use CAPTCHA's because I find them problematic from an accessibility stand point. I'd double check to make sure all server-side code is executing properly. If all sites implement the same functionality and just one site is causing problems, there's something amiss in that code base.
Thank you for your reply.
I have looked into this further since your reply, and everything is executing identically. The coding is also the same as the other forms without any breaks or vulnerabilities.
It could be manual entry, but I don't understand the reason. As I said, the contents of this form are never printed publicly, only emails to the sales manager.
It makes no sense. Referrer spam is the only thing I can think, but as mentioned, my logs are private.
That technique might work, but it might block people you don't want to block.
I've figured out a better way. It stops form spammers in their tracks on every site I have put it on. And it is all free. Just visit this page to see what the form spammers will see; then look at the details on the 'info' page.
All free, open source. And it works. I suspect it will be copied, but don't care. Here's where to start: http://formspammertrap.com . There's not even advertising on that site, and I don't capture your contact info.