Web Form Spam: What Is It and What Does It Mean?
Web Forms are web pages that web sites use to allow the viewer to fill in information to be conveyed to the site owner. For instance, a potential customer can ask a question about a product or shipping, or make a restaurant reservation. Hopefully the arrival of a web form result in your inbox is a good thing! Unfortunately hackers and spammers can sometimes ruin a trusted conduit of information.
But have you ever received form results that look like this?
Subject: **** Web Site Form results for GarageDoors.com
CustName: fgjln4xl
CustEmail: w1ihj@bsjkrem8.com
ProductName: leufavecbafe
Comments: r82qVX3 http://lutiwncrcykn.com lutiwncrcykn</a>
Subject: **** Web Site Form results for Weddings.com
name: WrennyFew
email: tammara@gmail.com
comments: Attention Fellow Skiers
Spending the weekend at <a href=http://www.tripcart.com/New-Hampshire/ski/Stow.html> Stow Ski</a> .
Still crowded?
Out west ,
frequented every weekend, like <a href=http://www.tripcart.com/California-Coast/ski/Mountain.html>Mountain High Ski Resort</a> and <a href=http://www.tripcart.com/usa-regions/California-Desert/ski/Bear-Mountain.html>Big Bear Ski Resort</a>
L9x
submit: Send Message
Everyone asks: What Does It Mean? Did They Break Into My Account?
Why Are They Doing This? How Can I Stop This?
These examples are just some of the many nonsense and advertising variations of web form spam. There are two basic kinds:
- Advertising spam: The contents of the web form will be filled in with real (English) sentences trying to sell a product. The more sophisticated ones are even worded to appear to be a real SALES INQUIRY in order to attract your attention and raise your hopes for a sale, until you read on and find that they are not inquiring about YOUR products but rather want YOU to inquire about THEIR products.
- Gibberish/nonsense spam: The contents of the web form (as in the above example) are gibberish (gobbledygook), and if they include an email contact or web site URL, those will be random letters strung together with a .com after them. No one knows why someone has taken the effort to program a bank of computers to send these out, since there's no financial gain for anyone. And because usually only one or two are sent to any given web site owner, they can't be a competitor's attempt to distract you or clog your email. We estimate that about one-third of all web form spam is of this useless nature. Someone has too much time on his hands (and yes, it's usually a male). Go figure.
The advertisers, of course, are trying to use this route to get around the spam filters set up for ordinary email messages, where traditionally all of the spam has been sent. Typically, site owners set their spam filters to let ALL web form contents through to the inbox unfiltered (because of the risk of filtering out a potential new client).
The source of these messages is usually a "bot" (an automated computer script/program) that acts as a robot, tirelessly searching 24/7 for web forms and filling them out. In most cases, the bots don't even use the SUBMIT button provided; rather, they have "scraped" your form's web page and execute a generic SUBMIT of their own.
In some rare cases, people are hired to sit all day in internet cafes in foreign countries to paste in a more customized message. This is labor intensive and even though the hired worker gets pennies a day, it's most often not worth it, and the spammers resort to the automated script method.
It's important to note that no one has broken into your account, and your web site is not compromised. It's just that your web form is there for the "taking" (filling out and submitting), and so anyone/anything can do it from anywhere. It's certainly annoying, isn't it?! (As if we all don't have enough clutter in our (business) lives and entropy in the universe.)
How Can I Stop All This Web Spam?
You really cannot expect your email spam filter to accurately ferret out spam from real business inquiries. Your customers will usually write to you using terminology that includes technical or product specification words, which to a spam filter looks like someone sending you product information (and they are, but concerning your own products).
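A check that runs on the form fields themselves, before any mail is sent, can use signals an email filter never sees. The sketch below is an added example, not code from this page and not FormBlocker's proprietary method; the weights, the threshold and the rule that any field whose name contains "name" or "email" is an identity field are assumptions.

```python
import re

MARKUP = re.compile(r"<\s*/?\s*a\b|href\s*=", re.I)  # anchor tags in a plain-text field
URL = re.compile(r"https?://", re.I)
CONSONANT_RUN = re.compile(r"[bcdfghjklmnpqrstvwxyz]{5,}")
INTERIOR_DIGIT = re.compile(r"[a-z]\d+[a-z]")
SPAM_THRESHOLD = 3  # assumed cut-off; tune against your own traffic

def looks_random(token):
    """True for strings like 'fgjln4xl': interior digits, few vowels, long consonant runs."""
    t = token.lower()
    letters = [c for c in t if c.isalpha()]
    if len(letters) < 4:
        return False
    vowel_ratio = sum(c in "aeiou" for c in letters) / len(letters)
    return bool(INTERIOR_DIGIT.search(t) or CONSONANT_RUN.search(t)) or vowel_ratio < 0.2

def spam_score(form):
    """Score one submission (dict of field name -> value); 0 means no signal fired."""
    text = " ".join(form.values())
    score = 3 if MARKUP.search(text) else 0
    score += min(len(URL.findall(text)), 3)
    for field, value in form.items():
        # Identity fields only: free-text comments legitimately hold odd product terms.
        if "name" in field.lower() or "email" in field.lower():
            if any(looks_random(tok) for tok in re.split(r"[^A-Za-z0-9]+", value)):
                score += 2
    return score

def is_spam(form):
    return spam_score(form) >= SPAM_THRESHOLD

# Constructed samples modelled on the submissions quoted on this page.
GIBBERISH = {"CustName": "fgjln4xl", "CustEmail": "w1ihj@bsjkrem8.example",
             "ProductName": "leufavecbafe",
             "Comments": "r82qVX3 http://lutiwncrcykn.example lutiwncrcykn</a>"}
ADVERT = {"name": "WrennyFew", "email": "tammara@mail.example",
          "comments": "Attention Fellow Skiers <a href=http://ads.example/a.html>Ski</a> "
                      "and <a href=http://ads.example/b.html>Resort</a>"}
LEGIT = {"CustName": "Jane Doe", "CustEmail": "Jane@builders.com",
         "CustPhone": "410-234-1234",
         "Comments": "Hi, I need specs and pricing on your ultra-glide door."}

if __name__ == "__main__":
    for label, form in (("gibberish", GIBBERISH), ("advert", ADVERT), ("legit", LEGIT)):
        print(label, spam_score(form), "SPAM" if is_spam(form) else "deliver")
```

Submissions at or above the threshold are better held for review than silently dropped, since a real customer who pastes a link would otherwise be lost.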
FormBlocker™ Technology to the rescue.
SherwoodHosting LLC has developed proprietary FormBlocker™ Technology as a Swiss-army-knife tool that not only filters web form spam but also provides MANY other features for:
- formatting (let's get this information to be more readable instead of formatted for geeks!),
- delivery (cell phone text message, fax, database archiving), and
- advanced features such as customized "gadgets" for the web form, field validation, etc.
Example of FormBlocker custom formatting for received email messages that contain form content as filled in by viewers:
TYPICAL MESSAGE FORMAT IN MOST WEB FORM SCRIPTS
The following was submitted on June 18th, 2009 at 06:42PM (EDT).
BobsFormMail version 1.9 - 122.161.39.146
Subject: **** Web Site Form results for GarageDoors.com
CustName: Jane Doe
CustEmail: Jane@builders.com
CustPhone: 410-234-1234
ProductInterest: Wide stainless steel ultra-glide door
DeliveryTimeNeeded: March-April timeframe
Comments: Hi, I need specs and pricing on your ultra-glide door. I'm particularly interested in the weight of the door and how much force is needed to operate it in cold weather, and if you know of any problems with it being able to stay put (if halfway open)
submit: SUBMIT - Send my Inquiry Request Now
mailprog = '/usr/lib/sendmail -i -t';
REMOTE_ADDR: 122.161.39.146
FORMATTED MESSAGE (Make it easy on yourself!)
Web Form Results provided by FormBlocker™ ©2010 SPAMSCORE=0
Jan 26, 2009 21:46
Cust Name | Jane Doe
Cust Email | Jane@builders.com
Cust Phone | 410-234-1234
Product Interest | Wide stainless steel ultra-glide door
Delivery Time Needed | March-April timeframe
Comments | Hi, I need specs and pricing on your ultra-glide door. I'm particularly interested in the weight of the door and how much force is needed to operate it in cold weather, and if you know of any problems with it being able to stay put (if halfway open)
122.161.39.146
(This is the default/standard format; it can be customized for your needs. It is easy to eliminate the header, for instance.)