Spamming a spammer

SPAM equals evil!

I am constantly receiving huge amount of SPAM letters from my online forms. It is very annoying. Today I have decided to fight back.

The last SPAM letter contained a link to a landing page with a contact form. After short investigation I figured out that there is no protection against SPAM.

An "evil" script which sumbits the contact form was done in ten minutes. The script is written in JavaScript and does not require any special software to run, just open Google Chrome console and execute.

The script:

  • Generates valid random phone number.
  • Generates valid random name with help of this service - Russian name generator.
  • Generates valid random email address with help of this service - Email Address Generator.
  • Generates a random question with a Russian proverb. The values were taken from multiple sources.
  • Randomly injects propositions to stop sending SPAM.
  • Randomly injects proposition to update the web page with request to stop the attack.
  • Submits the contact form.
  • Repeats itself in a second.

I started the script on three machines from three different countries. Trying to stop the attack the website's owner remade the contact form three times. It didn't help him much and in the end he gave up.

The text in red says:
You have won!!!!!! We want you to stop it!!!

If you are a SPAMMER - make sure your letters do not reach me, otherwise you will be next!

If you are a website owner - make sure you have at least basic protection against such attacks.

Author on
Tags: SPAM, captcha, attack, DDoS
Views: 553 Comments: 0