If website spam is a thorn in your side, it’s time you snagged the spammers with a honeypot. By spam we mean the automated and mechanically submitted data that constantly attacks your website; wasting resources, time and challenging the rigor of your site’s security.
What is a Honeypot?
A honeypot is a trap set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of a website (or computer system). In the case of websites, many of these spam attacks come in the form of junk form submissions or via attempts to find vulnerabilities. They commonly jam contact forms and product inquiry fields that you have on your website – leaving you with potentially hundreds or thousands of spam entries per day.
A honeypot is a trap set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of a website.
Spammers and automated “bots” crawl the web to find your form and then submit random junk data (“spamdom”) or links to spam through it. Additionally, this process maliciously attempts to get you to click on a hyperlink connecting to spamdom or digs for a way into your server’s data to either obtain customer information or gain control of the website in some way. Scary, right?
The good news is that according to Symantec, a worldwide team of security engineers, threat analysts and researchers who help secure and manage our information-driven world, spam was below 50% of all content in June of this year. This is the lowest rate since September 2003, which hopefully leads to the decline of spam all-together. (But don’t count on it!) In the meantime, a honeypot enables you to further reduce automated spam so that it cannot submit or try to obtain data through your website.
Here’s how a honeypot works. Let’s say you have a contact form that includes fields for someone’s name, email, phone number and a message. The automated spammers seek out fields of any kind to complete and send. A honeypot includes a field that is hidden from regular users but is visible to the automated spammers who simply can’t resist filling any field with data. Once all of the form fields are filled up with data (this happens in nanoseconds), the spammer attempts to submit the form. If the hidden field includes data, the form simply fails and does not get submitted. How sweet is that? Sweeter than honey, some might say!
The honeypot can also include a timer that will make sure a form takes at least a couple of seconds to complete. Automated spam moves very fast; way faster than any human would ever be able to complete the form and submit it. If a form is completed too fast it is almost certainly via some automated method – the honeypot will not allow the data to be submitted to the website.
Honeypots do not stop all spam submissions but they do a very good job at stopping the automated kind. Some spammers manually submit spam through forms in an attempt to get you to click on links or find vulnerability in your outdated WordPress plugin.
Honeypots can also eliminate the need for captcha forms. Captcha form validators require that the user type the letters of a distorted image or answer a simple math equation, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen. Captcha forms can work well at reducing spam form submissions but are known to frustrate legitimate users who cannot read the distorted charters. The legibility difficulties ultimately result in some users abandoning the submission—a bad thing for your website.
If your website design and development team did not implement a honeypot for you, give us a call and we’ll evaluate your website. All of the websites Trillion designs and builds include this feature at no additional charge. It’s just one more example showing how the websites we create add value to our clients and their businesses.
Did you find this information helpful? If so, please share it with your friends. If you have questions about your website and how it could become a more valuable asset for your business, give Trillion a call or click to complete our simple contact form. Our team has received numerous awards and accolades for website design and branding.