How can I stop a spam attack coming from my contact form?

Have more questions? Submit a request

50 Comments

  • Hilary Bialek
    Comment actions Permalink

    We are having the same spam issues, as noted by others, with a sudden increase in messages referencing Instagram recently. We also have CAPTCHA enabled and mark all bad emails as spam. A master fix would be wonderful.

    0
  • Gil Emery
    Comment actions Permalink

    I made those changes this morning around 730am and so far it has not stopped the tickets from being created.




    1
  • Mike Bernhard
    Comment actions Permalink

    I followed all of the instructions in Katie's comment as well as the ones emailed to me directly by ZD support. This issue is still occurring for us. 

    1
  • Meggan King
    Comment actions Permalink

    Yes, the directions being sent out on the tickets do not work. Even after waiting as suggested, they are still coming in. A global solution is required since this is affecting so many companies. 

    2
  • Ben Bos
    Comment actions Permalink

    Here also, the solution doesn't work. We also filter on the word 'Instagram' and don't send mail out.
    I am also curious how they are able to create tickets with the captcha enabled.

    0
  • Sam Peirce
    Comment actions Permalink

    I just wanted to jump in and mentioned that I'm running into the same issue. I've already tried everything listed here with no success. Any additional help is appreciated.

    1
  • Laura Gaffney
    Comment actions Permalink

    Also jumping in to say the fix didn't work. Still getting the spam messages. 

    0
  • Blair
    Comment actions Permalink

    Same issue here have tried suggestions still getting the Re:   tickets about instagram spam

    0
  • Corrin Duque
    Comment actions Permalink

    We have had our web widget turned off since yesterday afternoon but these keep coming through. The first one we got had subject line of "hello" followed by an odd username. But all those following have had a subject that starts with RE:

    None of these have a "Submitted from: " (followed by a page URL). When we tested from our web widget both on our company website and in our Zendesk help center the "Submitted from: https://..." (web page url) was always included. 

    See screenshot of our test webwidget submission.

    0
  • Paul
    Comment actions Permalink

    We have also been having this issue with Instagram SPAM for the past week or so. We already have ReCaptcha enabled, so we're not sure what else we can do since it seems the suggestion outlined here is not working either.

    0
  • Charles Swartz
    Comment actions Permalink

    Hi Katie, we are also experiencing increased spam through our contact form even though we have captcha enabled. Can you please create a support ticket for us as well?

    0
  • Lisa Rousseau
    Comment actions Permalink

    We removed the placeholders and setup.as recommended last Sunday but as of today ( Wednesday) are still receiving spam. Has anyone opted in to the beta spam filter? If so, has it been working and have they noticed if some are being filtered that shouldn't be?

    0
  • Mike Joseph
    Comment actions Permalink

    We've done the placeholder changes and opted into the spam beta (but it hasn't been enabled yet).

    My understanding is that even after you've removed the placeholders, it'll take several days for the spam to die down because the spammers are using your support address as, basically, a spam proxy. You're not the target, someone else is. So, removing the placeholders makes you a useless proxy and they eventually stop.

    2
  • Steve Ross
    Comment actions Permalink

    Same problem in the last week...and ongoing

    We already had the CAPTCHA in place, and I setup multiple automation rules to combat this but it does nothing to fix the problem... I even removed the widget completely when I saw the messages were tagged with web_widget, AND THEY STILL KEEP COMING IN

    None of the tickets are even sent to us, I think this is some breach in the Zendesk itself since every ticket is addressed to everyone but us. 

    This needs to be addressed and fixed asap.

    0
  • Paul McKelvey
    Comment actions Permalink

    Our account as well has been under attack by the instagram famous spam 

     

    0
  • Madeline Beard-Ojala
    Comment actions Permalink

    We've also been experiencing this issue at our company. Since last Thursday we've received 88 spam tickets from this same instagram spam. I'm going to create a ticket because I would like to be kept up to date on what actions Zendesk is taking to solve this. 

    0
  • Devan - Community Manager
    Comment actions Permalink

    Hello Everyone,

    I want to start by thanking all those who have posted about the recent spam issue and shared how this has been impacting you. We are aware of this matter and are currently drafting up a solution to which your feedback has been instrumental in aiding this process. I'm sure for those of you still affected are eager for a resolution, and I assure you we're working on delivering on this soon.

    As we finalize our response, we ask that for now, you refrain from posting on articles such as this that are not intended to handle feedback on critical incidents. When we post our solution, you will have the ability to comment, ask questions, and have our experts respond to your concerns. Again we appreciate your patience during this turbulence and will deliver this resolution to you the moment it is ready, which will be linked here.

    Thank you,

    Devan 

    0
  • Devan - Community Manager
    Comment actions Permalink

    Hello Everyone,

    Here is the article that explains our recommended best practice for dealing with the recent spam wave. If you have questions or require points in this article explained in further detail, please post your question in the article linked below.

    Combatting spam submitted via web service

    0
  • Mike Bandy
    Comment actions Permalink

    I wanted to thank the team for your efforts. We have not received any new spam emails to our inbox since last Thursday, so it looks like this issue has been resolved. We will be keeping an eye on it though.

    Thanks again!

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hi Mike,

    Thanks so much for taking the time to share this with us!

    I'll be sure to pass your kudos off to the appropriate team :)

    Cheers!

    0

Please sign in to leave a comment.

Powered by Zendesk