SQL attacks or coincidence

M Robles
Groupie
Posted: 10-August-2012 at 3:16pm
Today I received three "Tell a friend" notifications hours apart for products which are random and items we never sell. I hardly ever receive TaF notifications and I find it suspicious. Should I be worried that someone is trying to get into my store?


Greg Dinger
Certified ProductCart Developers
Posted: 10-August-2012 at 4:44pm
It is fairly common that spammers will attack the TAF page, exploiting it with an automated process to send spam.
 
When they do that, it's been our practice to turn off TAF in the store, rename the file (thus hiding it) for some days until the spammer goes away.
 
Left available for them, if they continue to exploit the page, your mail server can be blacklisted, and your site can be found to be violating your host's terms of use agreement.
 
As a note, we recently built script modifications that allow the merchant to dictate the number of consecutively repeated uses of the contact page, and of the authorize.net page, before we redirect the offender to an error page. This was in response to the sorts of issues where stores are being used to test stolen credit cards, and some flake who tried to exploit a client's contact page.
 
Both of these solutions are available for purchase if anyone needs them.

Hamish
Admin Group
Posted: 11-August-2012 at 7:46am
The Tell-A-Friend has by default a captcha code, unless you explicitly disable it (in recent versions of ProductCart anyway). That should deter all but the most determined attempts at abusing the page to send messages as it needs human interaction. It's the old, old story: there are so many websites out there that are vulnerable they will almost always move on to an easier target if there is a Captcha code.

Greg Dinger
Certified ProductCart Developers
Posted: 11-August-2012 at 9:18am
Hamish, as a point of interest, the store where we built in a defense mechanism last month (against abuse of the contact page) was fairly current (4.1) and had CAPTCHA engaged. CAPTCHA did nothing to slow the attack. The merchant became weary of deleting e-mails and had us cut them off at 3 submissions from any given IP.
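
The per-IP cutoff described in the post above (3 submissions from any given IP, then an error page), sketched as an added example; it is not the script modification mentioned in the thread and not ProductCart code. The one-hour window, the class and method names, and the sample IP addresses are assumptions.

```python
import time
from collections import defaultdict, deque


class SubmissionLimiter:
    """Accept at most `limit` form submissions per client IP per `window` seconds."""

    def __init__(self, limit=3, window=3600.0, clock=time.monotonic):
        self.limit = limit      # 3 matches the cutoff mentioned in the thread
        self.window = window    # assumption: the thread gives no time window
        self.clock = clock      # injectable so the logic can be tested
        self._hits = defaultdict(deque)  # ip -> times of accepted submissions

    def allow(self, ip):
        """Return True to process the submission, False to send the error page."""
        now = self.clock()
        hits = self._hits[ip]
        while hits and now - hits[0] >= self.window:
            hits.popleft()      # forget submissions older than the window
        if len(hits) >= self.limit:
            return False        # rejected attempts are not recorded
        hits.append(now)
        return True

    def sweep(self):
        """Drop IPs with no recent submissions so the table does not grow forever."""
        now = self.clock()
        stale = [ip for ip, h in self._hits.items()
                 if not h or now - h[-1] >= self.window]
        for ip in stale:
            del self._hits[ip]
        return len(stale)


if __name__ == "__main__":
    # Constructed sample: a burst from one address plus one ordinary visitor.
    limiter = SubmissionLimiter(limit=3, window=3600)
    for ip in ["203.0.113.7"] * 5 + ["198.51.100.20"]:
        action = "send mail" if limiter.allow(ip) else "redirect to error page"
        print(ip, "->", action)
```

Behind a reverse proxy or CDN, key the limiter on the client address the proxy is trusted to supply rather than the proxy's own IP, or every visitor shares one counter.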