Received Strange Automated Email Topic is solved

[Compositeur]

I received a strange, seemingly automated, email via the main email address of my website. Here is the colourful text, with identifiers removed:

_______

Subject:
*****: j_r2noa8r_j губами запи тянуться ходом полноценно сафра denis
Date:
Wed, 4 Jul 2018 19:27:40 +0000
From:
mydomain <my_email_address>
Reply-To:
s********o <libertinakononov*******[email protected]>
To:
internal_email_address


This is an enquiry email via https://www.mydomain_dot_end/ from:
s*******o <senders_ref*****@mail.ru>

bootstrap братские fact ваще занятия downtown alors подключении умову осман позволило сформировали разложено кругопряда lived компьютерную started vaya излишки спортивная разогреваем бюджетных исключено camry закругленными документами выпишу микрозаймов Лорак инка curtis quand лидеры plaît пятно газоблока drawer комплекта стратегии деятели закрытия сверлить deluxe gantz обращает молочницы ddr4 scan волков

_______

Please could a tech.-savvy person tell me how and why this happened and what I can to to block future such emails? The part where users can sign up for an account is switched off at my site.

Thanks in advance.

[AMurray]

Without knowing your system, it's impossible to guess. Please use the Forum Post Assistant.....viewtopic.php?f=714&t=793531. In that way we can see a snapshot of your Joomla system,and any component that might be allowing that spam.

First up, I would take advantage of the free scan using the service on myjoomla.com (and would recommend subscribing to it as well for ongoing diagnostics and solving security problems).

There might be a clue from that service's scan results that could point you in the right direction.

Also, albeit obviously, you need to keep Joomla updated and all extensions updated. (Noting your "joomla enthusiast" 3-star rating on this forum no doubt you're aware of the need to keep things up to date ).

However there maybe other ways the spam is being sent, maybe the spam-bot is simply scanning your site for email addresses (as is pretty typical way spammers do), so they could just have obtained it that way, or could be using another form (a contact form for example) in your site to send such junk mail.

There are ways to 'mask' your email address with plugins (search the JED for such). Ensure your forms have captcha fields (like Google Recaptcha) - although the success rate with combating spam this way could be a bit hit and miss as spam-bots become smarter. Generally such captchas are reliable in preventing spam.

[PhilTaylor-Prazgod]

Without knowing your system, it's impossible to guess.

Wrong.

The key is this part:

This is an enquiry email via https://www.mydomain_dot_end/ from:

Which means this was submitted through the Joomla Contact forms, and therefore this is nothing other than normal spam messages because you have not followed best practice and implemented the Google reCAPTCHA v2 on your site.

Documentation:
https://docs.joomla.org/J3.x:Google_ReCaptcha

First up, I would take advantage of the free scan using the service on myjoomla.com (and would recommend subscribing to it as well for ongoing diagnostics and solving security problems).

Well I cannot disagree with that statement :-)

[Compositeur]

Thank you Messieurs Murray and Taylor-Prazgod.

I'll follow your advice.

Keen to find a more generic and less corporate captcha plugin to use. (Quote: 'Sign in with your ...account. If you don't have one yet, create one.')

I thought I'd switched off Joomla Contact forms in any case. This spammer seems to have bypassed that. Odd, since the spam sent does not seem to say anything logical.

[fcoulter]

You can find some Joomla captcha extensions here:

https://extensions.joomla.org/tags/captcha/

Sign in with your ...account. If you don't have one yet, create one

You can override any text such as this simply by creating a language override, see : https://docs.joomla.org/J3.x:Language_O ... _in_Joomla . It is not necessary to change an entire plugin just because you don't like the text.

Yes in this case the spam email text does seem to be nonsense, I would guess that it is a spammer just testing out their system.

[Compositeur]

Thanks fcoulter. This is very helpful.