Attack on web-to-lead form

Hi all,

I’m running SuiteCRM 8.2.3. Lately my web-to-lead form has been targeted by some kind of attack, but I’m not sure what the point is.

Thankfully the incidents are low volume so far, but occasionally someone/something is signing up using randomly generated names like “45TyThT0 Otq4NfMG” and email addresses like “EV3B_generic_a72b07e3_www.judegaillot.com@data-backup-store.com”. All the form does is create a lead, so I’m not sure what could possibly be gained. I’m using confirmed opt-in, so all they get is a confirmation email (which they don’t respond to).

Does anyone have any idea what the goal of such an attack is, or what might be at risk?

I’ve just been deleting the records. The addresses all seem to be at the data-backup-store.com domain, so it might be slightly helpful to be able to blacklist certain domains from being converted to leads.

That looks strange indeed…

I guess what most people do with SuiteCRM is set up fail2ban on their servers. In fact, there was a PR a few years ago to facilitate using that tool with SuiteCRM.

But that was for login attempts; I am not sure if it’s easy to get the same thing going for the WebToPerson end-point.
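
The domain blacklist idea from the question, sketched as a standalone Python check (an added example, not part of the thread and not SuiteCRM code): it matches the address's domain and any subdomain of it against a blocklist and sets malformed addresses aside. The function names and the lead dict shape are assumptions, and wiring the check into the form handler is left out.

```python
# Added example: domain blocklist check for web-to-lead submissions.
# Function names and the lead dict shape are assumptions for illustration.
# data-backup-store.com is the domain named in the thread.
BLOCKED_DOMAINS = {"data-backup-store.com"}

def email_domain(address):
    """Return the normalized domain of an address, or None if malformed."""
    if not isinstance(address, str) or any(c.isspace() for c in address.strip()):
        return None
    local, sep, domain = address.strip().rpartition("@")
    domain = domain.rstrip(".").lower()
    if not sep or not local or "." not in domain:
        return None
    try:
        # Internationalized names are compared in their ASCII (punycode) form.
        return domain.encode("idna").decode("ascii")
    except UnicodeError:
        return None

def is_blocked(address, blocked=BLOCKED_DOMAINS):
    """True if the address's domain, or any parent of it, is blocklisted."""
    domain = email_domain(address)
    if domain is None:
        return False
    labels = domain.split(".")
    # Check the full domain, then each parent; never the bare TLD.
    return any(".".join(labels[i:]) in blocked for i in range(len(labels) - 1))

def triage(leads):
    """Sort lead dicts into accept / reject / malformed by their 'email'."""
    result = {"accept": [], "reject": [], "malformed": []}
    for lead in leads:
        email = lead.get("email")
        if email_domain(email) is None:
            result["malformed"].append(lead)
        elif is_blocked(email):
            result["reject"].append(lead)
        else:
            result["accept"].append(lead)
    return result

# First entry is quoted from the thread; the rest are constructed samples.
SAMPLE_LEADS = [
    {"name": "45TyThT0 Otq4NfMG", "email": "EV3B_generic_a72b07e3_www.judegaillot.com@data-backup-store.com"},
    {"name": "Sub Domain", "email": "x@MAIL.Data-Backup-Store.COM."},
    {"name": "Jane Example", "email": "jane@example.org"},
    {"name": "Broken Entry", "email": "no-at-sign"},
]
```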