A Plague of Spambots

About a month ago, I noticed a bogus registration from a somebody who never paid, and did not show up. A week after the class, I saw an identical registration , so I tried calling the phone number. It was not a working number, so I just deleted the sign-up.

About two weeks ago, I started getting several obviously bogus registrations with gibberish names, and 800 numbers (or incomplete phone numbers). At that point, I started checking, and discovered that the signups were coming from a Chinese IP address. Yesterday, I got about 5 of those bogus registrations. It was now well past the nuisance stage, so I started looking for a way to block these bogus registrations.

After a bit of searching for things like the 800 numbers that were being used, I ran across some very interesting information: These spambots are trying to register as users for the purpose of making spam comments on blogs. They were apparently keying off of the word “register” in either the page title or the main menu. Since the registration menu item on my site comes before the blog menu item, that’s what they were hitting.

I have changed “registration” to “sign-up,” which I hope will at least move the problem to the comments section, where I can use one of the readily available plug-ins to block them (like the one that can just block Chinese IP addresses). I’m hoping that this reduces the problem to a manageable level, and that future potential students will not be prevented from registering for a class because some low-life spammer has filled the registration list with bogus entries.

Edit 10/12/2011: Haven’t seen any ‘registrations’ from spambots in a couple of days, although a large number of the ‘hits’ on the site are from a known spambot IP. I would like to think I’ve defeated them permanently, although the chances of that are pretty slim.