In one of my previous posts I wrote “Is Captcha Secure“. Now spammers have proved that its no way secure by hacking Windows Live Captcha used by Hotmail and now Google’s Gmail Captcha system.
Now the spammers/bots can automatically signup in Gmail and create random bogus accounts. Websense believes that from the spammers’ perspective, there are four main advantages to this approach.
- First, signing up for an account with Google allows access to its wide portfolio of services.
- Second, Google’s domains are unlikely to be blacklisted.
- Third, they are free to sign up.
- And fourth, it may be hard to keep track of them as millions of users worldwide are using various Google services on a regular basis.
Check out this link for more details on the tactics used by spammers to hack the Gmail Captcha system.
If u maintain a website do not use captcha to ward off spammers. You can follow either of the two approaches.
1. Instead of asking the user to type something, follow a image based approach. i.e., asking the user to click on the image in a given list. This approach is being used in Passpack while registration.
2. To tackle spam attacks on the comment form, the drop comment can be a solution.
