Am 27.03.25 um 21:55 schrieb Jaroslaw Rafa via mailop:
However I wonder - and here I'm looking for your opinion - what can be a possible gain for the attacker from such an attack? The form does not have any field to enter own information that could be passed to the recipient - just login, password and email - so all the recipient gets is a standard message saying that someone registered an account named XYZ on my website using their email address, and if they want to confirm it, they should click the link, otherwise do nothing and the registration will expire in 24 hours. How can anyone benefit from spamming people with such messages?
The bots trying to exploit web forms probably hope that they can fill some field with a "name" (actually a longer string containing a blogspot URL).
If this was one of those, it didn't realize that there is no name field to fill in. Ratware is sometimes stupid. Cheers, Hans-Martin
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
