Contact Form Hijacking


shelby
10-09-2005, 09:04 PM
Hi,

Has anyone had any experience of someone trying to hijack their email sub-system through a contact form on their website? I have had someone attempting to do it to me (you get strange contact form messages where the email address is your own domain name with a prefix made up of random letters) so thought I would raise your awareness and also ask for any advice from people who have experienced it. I have contacted my ISP and shopping cart software companies to ask their advice and am pretty confident that whoever is doing it has not succeeded as I have a personal email address subscribed to my own mailing list and haven't received any spam from myself - if you see what I mean!! I am just worried as my business is relatively new and I don't want to lose customers because some idiot is trying to spam through my system. All the customer account details I have are encrypted with a GeoTrust security certificate so no-one should be able to touch them and credit card payments are taken through Protx so no worries on that score either.

It is really frustrating though, any advice would be hugely appreciated.

Thanks x

Ravenfire
10-09-2005, 09:48 PM
Oh that's really strange. I'm sure I read about that somewhere. Is it definitely going through your contact form and how did you find that out?

shelby
10-09-2005, 09:59 PM
I think they are attempting to go through the contact form but hopefully they are not succeeding. I worked it out because I kept getting newsletter signup notifications and contact forms submitted that were from my own domain name. In one of the contact form notifications it had some additional information that isn't usually in there and there was an email address that it had been Bcc'd to (this doesn't normally happen). You also get loads of contact forms sent through in the space of a few minutes. The email address was jrubin3546@aol.com so I put it into Google and lo and behold there are loads of entries about this email address being related to contact form hijacking. There is some info on the internet about what you can do to deal with it but it's all very techy! I have checked for some of the things they mention in the scripts but hopefully the software people or my ISP can help more. I'm pretty conversant with the technology but some of the stuff like this just baffles me!!

Like I say, I am quite confident it hasn't been spamming people cos it would have been spamming me too but I just don't understand why they are picking on me - I am a new, small business and don't actually have that many email addresses in my system - although I suppose it is just one of those webcrawler type things that just gives everything a go.
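
A server-side check for the signs described in this thread (an unexpected Bcc address in a notification, senders claiming the site's own domain), as an added example that is not part of any post above. The field names, `check_submission`, the `shop.example` domain and the sample submissions are assumptions constructed for illustration.

```python
import re

# Header names that have no business appearing at the start of a line
# in a contact form field (Bcc is the one reported in this thread).
INJECTED_HEADER = re.compile(
    r"^\s*(bcc|cc|to|content-type|mime-version)\s*:",
    re.IGNORECASE | re.MULTILINE,
)
HEADER_FIELDS = ("name", "email", "subject")  # assumed: copied into mail headers


def check_submission(form, own_domain):
    """Return the reasons a submission should be held back instead of mailed."""
    reasons = []
    # A CR or LF in a header-bound field lets the sender start a new header.
    for field in HEADER_FIELDS:
        value = form.get(field, "")
        if "\r" in value or "\n" in value:
            reasons.append(f"line break in header field '{field}'")
    # Header-like lines anywhere in the submission, message body included.
    for field, value in form.items():
        if INJECTED_HEADER.search(value):
            reasons.append(f"mail header text in '{field}'")
    # Sender claims an address at the site's own domain.
    first_line = (form.get("email", "").splitlines() or [""])[0]
    if first_line.strip().lower().endswith("@" + own_domain.lower()):
        reasons.append("sender address uses the site's own domain")
    return reasons


# Constructed sample submissions (not real traffic).
SAMPLES = [
    {"name": "Jane", "email": "jane@customer.example",
     "subject": "Order query", "message": "Hello, where is my order?"},
    {"name": "xqzvt", "email": "xqzvt@shop.example\r\nBcc: third.party@elsewhere.example",
     "subject": "hi", "message": "Content-Type: text/plain\n\nunsolicited text"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        found = check_submission(sample, "shop.example")
        print("HOLD" if found else "SEND", found)
```

Rejecting line breaks in header-bound fields is the part that blocks the extra Bcc header; the other two checks only flag submissions for review and can match legitimate messages.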