For the second time in the past couple of months, we've had someone trying to win a competition on a clients' website, by submitting large amounts of entries. Here's a small analysis of how they do that.
It looks like there's someone out there, who has built a nice infrastructure, that allows them to win any competition on the internet.
What they do is, they find a competition and then set up some script to submit many different entries for it. By submitting very many, they highly increase the chance of winning the competition. Some observations are:
- All the names of the persons are different
- All the emails are different, and also use many different domains
- They connect from many different IP addresses, which makes it hard to block them by IP.
However, further analysis finds:
- All domains are registered to the same organisation. An example is "cannotmail.org.uk" which is registered to "Travelresearch Ltd" in the UK.
- All the domains are email domains only (only the MX record resolves) and they are all registered with a German registrar, "IPHH Internet Port Hamburg GmbH"
We've now built a system that allows filtering out the entries in a competition to exclude all the entries that have been submitted this way. If you're interested to use it, get in touch.
If you run a competition on your website, particularly one that has a nice prize for the person winning the competition, be aware that you may be selecting this scammer for the final prize.
You might say, well put in some captcha's and you'll be fine, but at Tincan we've never been too fond of captcha's because we think they block real users and make the site less accessible, whilst they're never 100% effective.