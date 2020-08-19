Why would a spammer do this?

I am not asking for advice on blocking spam, I have a pretty good idea how to do that but it is generally not a problem for me luckily. I occasionally get the usual ones - I have won the lottery, disaster relief, they have intimate photos of me, click on this link - you know the stuff - no problem.

But I quite frequently get very similar spams via a contact form that I assume are from a bot. Simply a fake email address and a single or short comment of random words like ‘reasons’ or ‘ultimate view’ or ‘wood’ or ‘total container’.

My question is - What is the point? There is no link, obviously spam, I couldn’t reply if I wanted because it is a false email address. I just delete. But my curiosity is roused, is there an ulterior motive I am missing, is there some hidden threat.

As far as I can see - no problem - but - why do it ?

It could just be the kind of “failed Spam” we sometimes see here. We get posts which are clearly intended as Spam, but the poster has either forgotten to add the link, or malformed the link so it doesn’t work.

Aaah OK, makes sense, it’s kind of the ultimate negative commendation really, bad enough to be a spammer - but a failed spammer - love to see that on their resume ! :smiley:

Perhaps the poster purchased thousands of links and any that bounced would be reported. These could be removed from to the list.

Good point !

Any email that you put submitted data into can contain html, css, javascript. If you didn’t apply htmlentities() to the values, that content will get executed if you are using a browser to read the email. At a minimum, this would give your ip address to someone (via request(s) to a 3rd party server to fetch an image or similar) and if you happen to be reading the email on the same domain as your web site, cross site scripting can read and send your web site’s cookie values too.