How do spambots work?

Posted by rlb.usa on Pro Webmasters See other posts from Pro Webmasters or by rlb.usa
Published on 2010-10-06T18:54:36Z Indexed on 2012/10/25 23:17 UTC
Read the original article Hit count: 196

Filed under:
|

I have a forum that's getting hit a lot by forum spambots, and of course the best way to defeat something is to know thy enemy. I'll worry about defeating those spambots later, but right now I'd like to know more about them. Reading around, I felt surprised about the lack of thorough information on the subject (or perhaps my ineptness to input the correct search terms for better google results).

I'm interested in learning all about spambots. I've asked on other forums and gotten brush-off answers like "Spambots are always users registering on your site."

  • How do forum spambots work?
  • How do they find the 'new user registration' page? (I'm especially surprised because some forums don't have a dedicated URL for this eg, www.forum.com/register.html , but instead use query strings or even other methods invisible to the URL bar)
  • How do they know what to enter into each 'new user registration' field?
  • How do they determine what's a page they can spam / enter data into and what is not?
  • Do they even 'view' this page at all?
  • ..If not, then I'd assume they're communicating with the server directly - how is - this possible? How do they do it?
  • Can forum spambots break CAPTCHAs? Can they solve logic questions (how?)? Math questions?
  • Do they reverse-engineer client-side anti-bot validation scripts? Server-side scripts?
  • What techniques are still valid to prevent them?
  • Where do spambots come from? Is someone sitting behind the computer snickering as they watch their bot destroy site after site? Or are they snickering as they simply 'release' it onto the internet somehow? Are spambots 'run' by an infected computer somewhere? Do they replicate themselves?
  • etc

© Pro Webmasters or respective owner

Related posts about spam

Related posts about botattack