Spammers are using a bot to sidestep barriers that Microsoft Corp. has erected to keep scammers from creating massive numbers of accounts on its Live Mail service, a security researcher said today.
Dan Hubbard, vice president of security research at Websense Inc., said the bot was designed to break CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) defenses, the distorted, scrambled character codes that many Web services use to block automated registration of hundreds or thousands of accounts at a time.
The bot, said Hubbard, grabs the CAPTCHA -- which is not plain text but actually an image -- and sends it back to the spammer's server, where the image is somehow "read" and a clear text match is generated. The text is then sent back to Live Mail, where it's plugged into the box where users normally type the CAPTCHA characters.
Microsoft, Windows Live, Windows Live Mail, CAPTCHA, Spam, Spammers, Bots