Possible spam submissions of order notes?

For general questions and discussions specific to the AbleCommerce 7.0 Asp.Net product.
Post Reply
relish27
Ensign (ENS)
Ensign (ENS)
Posts: 16
Joined: Mon Jun 02, 2008 2:50 pm

Possible spam submissions of order notes?

Post by relish27 » Tue Aug 09, 2016 3:58 am

My client contacted me today to say that they've been getting an email sent to them repeatedly (content below), about 25 times at a time. This 25-time email situation has happened four times now.
Subject: Customer added a note to Order Number $order.OrderId

Please Review -

On ${note.CreatedDate}, a new message was added to Order Number $order.OrderId

Customer said:

${note.Comment}

[STORE NAME]
Any thoughts on why this would happen? And what to do to prevent this?

relish27
Ensign (ENS)
Ensign (ENS)
Posts: 16
Joined: Mon Jun 02, 2008 2:50 pm

Re: Possible spam submissions of order notes?

Post by relish27 » Tue Aug 09, 2016 4:14 am

Actually, I think I figured out both things.

In the Email Settings area, there's some options for the Product Send to a Friend form, which appears in the sidebar of product pages. I had not seen or configured this before (or if I did, it was 8 years ago). There's an option to select a template and it was set to "Note added by customer." This seems to correspond to the content shown in the email, even though the variables were not displaying actual content. I tried changing the template to "None" and then the Send to a Friend form no longer worked (error "Email template could not be loaded" is shown to the visitor.) So then I selected "Send to a friend" template and now it both works and sends the correct content to the recipient. Makes me wonder why this email template option was even given if only this template works... in any case, that mystery solved.

There's also an option to Use Captcha on this form. This was unchecked before, so I suspect my client was receiving submissions from some sort of spam bot. Hopefully having it checked will prevent this issue in the future.

User avatar
jmestep
AbleCommerce Angel
Posts: 8164
Joined: Sun Feb 29, 2004 8:04 pm
Location: Dayton, OH
Contact:

Re: Possible spam submissions of order notes?

Post by jmestep » Tue Aug 09, 2016 11:39 pm

We have had sites recently where the send to friend was being hit by a spam bot also. I guess some people have nothing better to do than cause other people problems. :(
Judy Estep
Web Developer
jestep@web2market.com
http://www.web2market.com
708-653-3100 x209
New search report plugin for business intelligence:
http://www.web2market.com/Search-Report ... -P154.aspx

User avatar
NC Software
AbleCommerce Partner
AbleCommerce Partner
Posts: 4620
Joined: Mon Sep 13, 2004 6:06 pm
Contact:

Re: Possible spam submissions of order notes?

Post by NC Software » Wed Aug 10, 2016 3:12 am

I BCC myself on product send to a friend and recently I'm seeing that spambot as well.
Neal Culiner
NC Software, Inc.

Post Reply