OWASP Automated Threats

Malicious or questionable information addition that appears in public or private content, databases or user messages.

What is Spamming?

Malicious content can include malware, IFRAME distribution, photographs & videos, advertisements, referrer spam and tracking/surveillance code. The content might be less overtly malicious but be an attempt to cause mischief, undertake search engine optimization (SEO) or to dilute/hide other posts.

The mass abuse of broken form-to-email and form-to-SMS functions to send messages to unintended recipients is not included in this threat event, or any other in this ontology, since those are considered to be the exploitation of implementation flaws alone.

For multiple use that distorts metrics, see OAT-016 Skewing instead.

Spamming is also known by terms such as blog spam, bulletin board spam, clickbait, comment spam, content spam, content spoofing, fake news, form spam, forum spam, guestbook spam, referrer spam, review spam, SEO spam and spambot.


The symptoms of Spamming

  1. Increase in the rejection rate of user-generated content by moderation processes
  2. Higher rate of complaints from users about spam content
  3. Frequent appearance of typically fraudulent keywords in user-generated content (e.g. celebrity names, insurance, viagra)
  4. High hyperlink density
  5. Inclusion of hyperlinks to web hosts that redirect, or with low reputation, or that host malicious content directly
  6. Requests from source IP addresses, devices, fingerprints that appear on spam lists
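The per-submission symptoms above (fraudulent keywords, hyperlink density, links to low-reputation hosts, listed source addresses) can be checked at moderation time. The following is an added example, not code from OWASP or InfiSecure; the keyword list, host list, network list and thresholds are constructed assumptions to be replaced with real feeds and tuned values.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Every list and threshold here is constructed for illustration.
KEYWORDS = {"viagra", "insurance", "casino"}
LOW_REP_HOSTS = {"redirect.example", "cheap-pills.example"}
SPAM_NETS = [ipaddress.ip_network("203.0.113.0/24")]
MAX_LINK_DENSITY = 0.2  # links per token
MAX_KEYWORD_RATE = 0.1  # keyword hits per token
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
WORD_RE = re.compile(r"[a-z0-9']+")


def _host(url):
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed authority, e.g. an unbalanced "["
        return ""


def spam_signals(text, source_ip):
    """Return the sorted names of the symptoms that fire for one submission."""
    urls = URL_RE.findall(text)
    # Strip URLs before counting words so a link is not also counted as words.
    words = WORD_RE.findall(URL_RE.sub(" ", text).lower())
    total = max(len(words) + len(urls), 1)
    signals = set()
    if len(urls) / total > MAX_LINK_DENSITY:
        signals.add("link_density")
    if sum(w in KEYWORDS for w in words) / total > MAX_KEYWORD_RATE:
        signals.add("keywords")
    hosts = [_host(u) for u in urls]
    # Match a listed host or any subdomain of it, not mere suffix lookalikes.
    if any(h == b or h.endswith("." + b) for h in hosts for b in LOW_REP_HOSTS):
        signals.add("low_reputation_link")
    try:
        ip = ipaddress.ip_address(source_ip)
        if any(ip in net for net in SPAM_NETS):
            signals.add("listed_source")
    except ValueError:
        signals.add("invalid_source")  # unparseable address: flag, do not crash
    return sorted(signals)


SAMPLES = [  # constructed submissions: (body, source address)
    ("Great write-up, the section on caching helped me a lot.", "198.51.100.7"),
    ("Cheap viagra http://cheap-pills.example/a insurance "
     "http://x.redirect.example/b", "203.0.113.9"),
]
if __name__ == "__main__":
    for body, addr in SAMPLES:
        print(addr, spam_signals(body, addr))
```

Signals like these are best fed into a moderation queue or score rather than used as a single hard block, since legitimate posts can trip any one of them.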


Sectors targeted by Spamming

  • Entertainment
  • Retail
  • Social Networking


Can InfiSecure prevent Spamming?

InfiSecure’s bot protection blocks all spam bots in real-time. InfiSecure can deny or restrict access from IP addresses known to be vulnerability scanners, web crawlers or cloud providers engaged in spamming websites.