A spambot is a computer program designed to assist in the sending of spam. Spambots usually create accounts and send spam messages with them.[1] Web hosts and website operators have responded by banning spammers, leading to an ongoing struggle between them and spammers in which spammers find new ways to evade the bans and anti-spam programs, and hosts counteract these methods.[2]
See main article: Email-address harvesting.
Email spambots harvest email addresses from material found on the Internet in order to build mailing lists for sending unsolicited email, also known as spam. Such spambots are web crawlers that can gather email addresses from websites, newsgroups, special-interest group (SIG) postings, and chat-room conversations. Because email addresses have a distinctive format, such spambots are easy to code.
A number of programs and approaches have been devised to foil spambots. One such technique is address munging, in which an email address is deliberately modified so that a human reader (and/or human-controlled web browser) can interpret it but spambots cannot. This has led to the evolution of more sophisticated spambots that are able to recover email addresses from character strings that appear to be munged, or instead can render the text into a web browser and then scrape it for email addresses. Alternative transparent techniques include displaying all or part of the email address on a web page as an image, a text logo shrunken to normal size using inline CSS, or as text with the order of characters jumbled, placed into readable order at display time using CSS.
See main article: Forum spam.
Forum spambots browse the internet, looking for guestbooks, wikis, blogs, forums, and other types of web forms that they can then use to submit bogus content. These often use OCR technology to bypass CAPTCHAs. Some spam messages are targeted towards readers and can involve techniques of target marketing or even phishing, making it hard to tell real posts from the bot generated ones. Other spam messages are not meant to be read by humans, but are instead posted to increase the number of links to a particular website, to boost its search engine ranking.
One way to prevent spambots from creating automated posts is to require the poster to confirm their intention to post via email. Since most spambot scripts use a fake email address when posting, any email confirmation request is unlikely to be successfully routed to them. Some spambots will pass this step by providing a valid email address and use it for validation, mostly via webmail services. Using methods such as security questions are also proven to be effective in curbing posts generated by spambots, as they are usually unable to answer it upon registering, also on various forums, consistent uploading of spam will also gain the person the title 'spambot'.