Shank said:
poppycock! Not even close to anything like that. Because it's not
possible, no sense in discussing. thanks
It IS possible. In fact, I'm even doing that as we speak to someone to
sent me a scam mail. In Norwegian, mind you! (My native tongue!)
So I decided I'd send an invoice to the company who sent me the scam
mail for services done on the site "as part of your job request" (page
testing, validation, that sort of thing). I didn't get as far as
putting stamps on the envelope when I found several news articles (from
reliable news sources), describing these people as scammers (as their
so-called address was pointing to a nonexistant mail box at an
apartment building - they did try to ring every doorbell in that
building, without a trace of the company).
By taking a quick look at their order form, I found it to be insecure
enough for me to write a quick Perl script that generates a random
e-mail address (of the example.com domain-type) and processes the order
form with a blank order, invalid credit card (I believe I set it to
"1234567890123456"). This script is run on a cron job (scheduled task)
every minute, from 4 different Linux computers. That makes 4 invalid
orders a minute, 60 times per hour, 24 hours a day, 7 days a week. I
can only imagine the face of the bastard who has to sift through over
5760 e-mails to find that 99.9% of them are completely bogus.
Serves them right to try to mess with me.