Saturday, December 19, 2009

Trick Bots from Stealing Email Address with jQuery

I’ve used several techniques for tricking the web robots into stealing an incorrect email address, but I think I finally found the easiest and trickiest way. If the web robot understands JavaScript, then this may or may not work depending on some variables. Anyhow…

I setup a basic href like this:

email: <a href="mailto:info@mydomain.com" title="email me">realaddress[[at]]mydomain[[dot]]com</a>.

When a robot comes along, I’m hoping they’ll just do a scan for mailto: and then take that address and assume I haven’t done anything else on the page. The href is a real address for my site so users that don’t have JavaScript enabled can still email us, but we primarily set it up for bots and spammers.


On to the jQuery!

<script language="javascript" type="text/javascript">
$(document).ready(
function() {
$(
'a[href^=mailto:]').each(function() {
e = $(
this).text()
.replace(
'[[at]]', '@')
.replace(
'[[dot]]', '.');

this.href = 'mailto:' + e;
$(
this).text(e);
});
});
</
script>

All this small script does is scans the page for href that starts with mailto: and loops through them to perform the replace function. I have a variable there called e for email and it gets the text of the href and replaces the [[at]] and [[dot]] with the actual @ and .. After I replace the @ and ., I set the href equal to a new mailto: with the e variable and then I set the text to match. Pretty simple & tricky I thought.


Please let me know your thoughts! Thanks for reading!

kick it on DotNetKicks.com

blog comments powered by Disqus
Related Posts Plugin for WordPress, Blogger...