Prestashop 1.6.1. - Russia mails spams in sytel of prestashop contact form

[MartasPayne]

Hello,

in last month we recently received these russia mails.
I thought it was just a normal spam, but now I'm afraid because these mail has style of prestashop contact form...
You can see that these mails looks like a mails from prestashop contact form but logos of the mails are changing in every mail. 

Can somebody help me please? Is it dangerous? Was my shop hacked?

Thank you for answers.

[selectshop.at]

This is known bug and discussed several times here.

http://forge.prestashop.com/browse/PSCSX-9132

You should apply the script changes named on the bug-tracker link I posted one line before, or update your Prestashop to latest 1.6. Furthermore add a recaptcha to your Prestashop messaging forms.

https://www.prestashop.com/forums/topic/442633-add-recaptcha-to-prestashop-version-16014-for-free/

https://www.prestashop.com/forums/topic/114958-module-slide-captcha-40-ps-1417-add-a-captcha-to-your-forms-support-iphoneipad/

https://github.com/nenes25/eicaptcha - I'm using this one on some customer sites very succesfully, take latest modul version 0.4.12 from HERE: https://github.com/nenes25/eicaptcha/releases/tag/0.4.12

or any paid one on the official addons site:

https://addons.prestashop.com/en/search?search_query=captcha

 

[MartasPayne]

Unfortunetly nothing helpful.

I tried everything.
Yesterday I bought this module too:
https://addons.prestashop.com/en/contact-forms-surveys/26997-captcha.html

Today another spam arrived to our mail.

Some helpful advice?

[selectshop.at]

1) After integration of captcha, you also deleted the smarty cache of your server and browser cache ?

2) Once your mail-address is listed on their mailing list you will receive spam, but this is not coming from your contact form (it could be a clone fake - check if the sender is your own server IP).  What you can do is to blacklist IP of sender (if it is not yours), or use another firewall possibility on your mailserver (spamassassin, SPF, DNS). Perhaps it is also not a bot, but a kiddy human sending spam from your mailform manually. In this case you can only analyse server logs, on the time when mail was sent and try to discover the IP from this person and blacklist it on firewall, so he cannot access your page. If this user is proficient and using proxies, than the only thing is to ignore the 3 or 4 mails he is sending. It is not a bot, but a human !

 

[bhomrah]

Hello , 

for Mail.ru  or bk.ru

if you do not have customers from Russia , so Fastest solution to go your Geo and block countries Russia , Ukraine , Belarus so it will solve your current spamming problem , since this spammer make lottery spam for Russian speaking country  , they mostly use Russian IP..

This capta was not helping , even blocking contact form , block plugin folder was not helping because they  use clone of our contact form ...

i have change email to gmail and hotmail , at website contact form ... but then less email was coming to it but coming .... so temporary blocking countries helping Perfectly .. 

As i see that your contact form is in Russian means your website also for Russian customers ... so only help to track email ip address and block that IP address in below details you can get ip address and also in google many options ... 

www.cyberforensics.in/OnlineEmailTracer/index.aspx

 

 

Edited March 4, 2018 by bhomrah (see edit history)

[selectshop.at]

On 2.3.2018 at 12:12 PM, bhomrah said:

Hello , 

 

i have the same problem, change in contact form where is webmaster and customer contact email , change there email to gmail or hotmai

This is a question ? Problem solved, or not ?

[iwoh]

I have the same problem, but I'have prestashop 1.7.2. Why? I have this problem? What should I do? The same, what is above written?

[selectshop.at]

Use the module eiecaptcha. There is a version for PS 1.7. available.

https://github.com/nenes25/eicaptcha/releases/tag/2.0.3

 

[Walrus]

EI Captcha didn't help. Someone said in another thread you also need to modify your ContactController form. I found a tutorial on how to do it but was getting errors. With another kind soul's help, I was able to add reCaptcha manually. I uninstalled EICaptcha and deleted it to see if manual method made a difference. So far, no spams from Russian spammers.

You can find instructions on how to do it if interested here: How do I integrate reCaptcha v2 into Prestashop?

As to blocking IP address, it has no effect because spammers seem to be spoofing the IP. As to enabling Spam Assassin, I had done it.

[RabbitZzZ]

The simplest way that has worked for me on different shops was changing the friendly urls of the contact page.

[jaultop]

from webmail add mail.ru , bk.ru to block list 

[jetway]

Well Captcha usually works but if not just check for a pattern in the "attack". For example they might always use the same email, this is usually not the case but could be. Then modify your ContactController to not react to such spam. I have implemented my own way of detecting Spam and it worked. Spam always has certain patterns.

[MackStores.Com]

we have a module that stops russian spam too

 

[MackStores.Com]

On 3/19/2018 at 9:02 PM, RabbitZzZ said:

The simplest way that has worked for me on different shops was changing the friendly urls of the contact page.

this works and our moudle has the facility to change within our module the friendly url of all languages installed in same page