Thread: Spammers getting around anti-spam captcha image

Hey guys, I developed an captcha image a long time ago and it has been working great, I even keep it updated and change the font files as well.

However recently one of my clients has been receiving spam emails, when I look at the comments I notice that the anti-spam text is actually part of the comments!

I looked through the code to see if it was something I had missed but it isn't somehow the spammers are getting the anti spam image text and are able to post spam emails to my client.

Does anyone have any idea on how they are doing this? I am guessing they are reading the php session var but seeing as how it is an obscured name then I cant see how they have managed to do it.

Sample image is below

If you would me to review this fully please post the link to the site and i will do some testing. One thing to remember is that if you only have One or 2 captcha images then a spammer could easily tap the into a program.

Your images are good i doubt an ocr engine would be able to read them.

In fact, it is probably an OCR engine. Your best bet is to transfer over to something like recaptcha: reCAPTCHA: Stop Spam, Read Books

This one is used at hundreds of high profile sites and offers the best protection. They also continuously update their method so that they are one step ahead of spammers.

The image has 5 different backgrounds designed to fool ocr, how? well OCR does pick up some text but it also picks up the background text, plus with the font changes (not shown on that image) it makes OCR difficult.

Untitled Document

Here is an example page, I have just made some more modifications to the script and will upload later but interested in what people find out

I forgot to add I checked the OCR bots by using the "What The Font" script which is designed to detect what the fonts are in an image

Here are the latest versions of the script (not uploaded yet) you basically have to enter the blue text

It doesn't matter if you think it works, spammers are getting through so there must be something wrong..

Either they are automatically spamming your site through OCR recognition, or they are paying some guys to do it manually.

premiumscripts added 2 Minutes and 19 Seconds later...

Anyway, looking at the latest version of the script that you haven't yet uploaded, I don't think that would be too hard to crack. The letters that are allowed are all colored blue or red whilst the rest is just gray, so that's easy to filter out. Then, doing OCR on each letter separately seems like it should work quite nicely. (Note I do not have any experience in this, just theorizing)

I tested it for you with my OCR engine and it could not work them out not even close. I have another engine designed for captcha but you must send me the url if you want me to test it.

thanks gurukid2, I knew an OCR couldn't crack it was confused as to how they were getting around the session. I did find an article explaining it a few months ago but now I cant find it! typical.

For now i've just blocked all links with a few regular expressions

It is not a matter of OCRs anymore.
CAPTCHA breaking services are poping everywhere and they are mostly human based.
deathbycaptcha, captchabuster, captcher etc. all are aided by human based services working 24/7. The costs also are amazingly low. They are called "CAPTCHA farms".
This is really bad news for captcha based spam filtering methods and there is little to be done about it. There a service called captcha 2.0 that says it will block and even notify about captcha relay attempts. it is SOAP based service and it is free for low traffic sites. It seems they using animated gif, in the site though they say this is only to prevent screen prints and the anti relay mechanism is "under the hood"

As stated you may find this is being performed by humans as opposed to a script.
Maybe you could crank up the logging within the captcha script to measure response times, etc.
It might give you an idea if this is being done automatically or manually...

I also have captcha installed but still spammer get around it. So I have to schedule weekly check of my site to get rid of spams. Its is tedious but it is working for me.