Website Security
We have covered some aspects of security on our Javascript and add-ons page. This section of our site covers email and online enquiry forms. We can't stop spam and we can't totally secure online enquiry forms but we do our best to minimse the problems.
Online Enquiry Forms
There is a nasty outbreak of spam attacks on online enquiry forms, Evil wrongdoers are trawling the net and sending in bogus enquiries full of stupid links. Why do they do it? I don’t know! Actually I do know -these people are looking for insecure online enquiry forms that allow alteration of headers and the email destination fields, they are trying to hijack the server running the enquiry form and force it to send out millions of spam messages. We try to make sure that all our enquiry forms code is as secure as possible and mass email attacks are prevented.
Another reason these pirates flood enquiry forms with their lists of links is that spam filtering software has become more efficient, so to try and get their marketing message across they are hitting online enquiry forms. Unfortunately there is not much we can do to stop their nefarious activities as an online enquiry form has to be accessible or it would not be any use!
At the moment there are not too many of these attacks so I would suggest ignoring these daft messages. If the situation worsens we may have to consider adding a question and answer box or one of those horrid little image boxes with letters that are supposedly readable by humans, even these are not secure as the spammers are now employing OCR (Optical Character Recognition) software to break these security measures.
Email Addresses
Other Ecriminals use trawling software to try and find valid email addresses in websites, so that they can add these addresses to their mailing lists. As we mentioned in the Javascript page, we rae not keen on using Javascript in web pages but for displaying email addresses there isn't really another option. We add an encrypted set of Javascript code to our pages which is translated when the visitor opens the page with a Javascript enabled browser. This should stop most of these attacks, however most companies want an email address like 'info@mycompany.co.uk', so the spammers just send mail to every combination of 'info@' and web domain names they find on the net.