random characters being submitted through form

mrgrammar

Lately I have been receiving form submissions with random characters. It looks something like this.

SenderName: xfcztcwjig
SenderEmail: bbpchdcflw@zdebml.com
FirstName: xfcztcwjig
LastName: xfcztcwjig
Title: vhizfpqs
Organization: xfcztcwjig
Address1: http://www.pfxwmlcapd.com/

Does anyone know the source of this and why it is being done? What is the best way to catch this when the script is processing the form data in order to prevent the submission from going through?

jeepin81

Looks like some type of crawler, spammer, bot, etc, etc... type of thing.

I like to use a honey pot to prevent these type of creeps. Something similar to this that I found doing a quick google search: "php honey pot". You could also use captcha but I'm not big fan of those things.

Or it could a really bored person just filling out your form for fun, which you'd have to block their IP address. :\

paulnaj

I have no idea what the point of this is, but it looks like a 'bot' that looks for forms on pages, extracts the fields and fires off 'submits'. As I say, have no idea why.

One way to inhibit this particular problem with two (pretty standard, I think) methods. First up is to put a very tempting textbox (called something like 'email' or 'website') on the page, but hide it with CSS. (You might even put some text beside it saying 'leave this empty' for those who can't use css)

If the form values comes in and this field has a value, you know it's a bot - in which case just die(); Don't fire off any error messages, just die().

It's not perfect, but I only get one of these every now and again, rather than loads per day.