Call Ozdachs at 415.347.6479|info_request@ozdachs.biz

Don’t Let Your CAPTCHA Get in the Way of Your Business

CAPTCHA examples from LastPass forumsMore and more sites are using CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) to keep spammers from registering on web sites, from posting phony comments on blogs, and from generating in-bound breast enhancement messages on forms.

I approve of CAPCHAs in general because they are simple for site users and they cut down on bogus messages, both those publicly posted and those sent to the business owner from a form.

But, enough!

CAPTCHAs are not going to be 100% effective against determined spammers, and efforts to increase the effectiveness of the CAPTCHA test has crossed the line into driving visitors away from doing useful business on some sites.

The CAPTCHAs on the right are full-size copies of ones I copied from my screen this morning when I was registering for a forum on the LastPass web site.  Once I completed the registration form, I would be sent a confirming email to activate my account — another validation step to prove my humanness.  But, I couldn’t get the CAPTCHA right in my first 6 tries.

But, look at these images!  LastPass is doing more than protecting itself from automated comments in its forums, it is driving away real-life users.

These CAPTCHAs are simply too difficult to read.

  • The colored characters are too well camouflaged by both the background color and background pattern.
  • The characters are ambiguously drawn.  8’s and B’s, numeric 0’s and alpha o’s  are possible answers for some of the drawings. How is the user supposed to know which o/0 to choose?
  • There are a variable number of characters in the images.  This makes me wonder if the CAPTCHA-generating routines were working, or if some of the CAPTCHAs are simply faulty and impossible to answer.
  • These CAPTCHAS are particularly hostile to people with visibility issues.  I am not colorblind, but the use of red and green images is plain nasty.  And, unless you blow up your screen, the images are sized for the eyes of the young.

LastPass provides great functionality and responsive customer service, but they’ve joined so many organizations in over-CAPTCHAing their web sites. And, they are far from the worst offenders.

Craigslist is at the top of my list of  CAPTCHA-crazy sites.

Admittedly Craigslist is a very juicy target for spammers and outright criminal frauds.  But, their CAPTCHAs are ridiculous.
CAPTCHAs from Craigslist
The images on the right are ones Craigslist offered to me this afternoon when I was going to post an event for my church — information about the Sunday service.

Before seeing these images, I have had to register with Craigslist. Registration includes providing them with:

  1. An email address which they validate.
  2. A telephone number which they contact with a validation code. The automated message from Craigslist comes into my phone and gives me a numeric PIN which I have to type into a validation page on the Craigslist web site.

So, with Craigslist, I have to have an active account with a checked email address and a validated telephone number.  THEN every time when I want to post an event, I have to type in a CAPTCHA.

And, look.  Some of the CAPTCHAs have foreign-language characters. Others are too blurry for me… maybe an automated character recognition program could read and type in what’s presented by Craigslist, but I can’t!

Time for Dangerous Common Sense for CAPTCHAs

CAPTCHAs are intended to make sure real humans are filling in the forms. But, soon only the character-recognition programs will be able to decode what the CAPTCHA-generating programs have created.

It’s nuts.

Designing your web site design for determined crooks is not good business!  Focusing on the crooks will cost your web site legitimate business.  Pass it on!

By |2011-06-09T12:57:04-07:00June 9th, 2011|User Interface, Web Design|0 Comments

Who’s Reading Your Blog

A client was puzzled because her business was tanking but it seemed like everyone was reading her blogs. She was getting a lot of comments encouraging her to keep up the good work and telling her how valuable her insights were.

Why weren’t those happy readers calling her for her services?

Sad to say, when I looked at her blog I discovered that it was mostly a spam magnet.  She was getting phony comments from automated programs who were carefully linking back to their own site.  Her blog was being used as a way to deceive Google into thinking that the spammers had a popular web site of their own.

If you’re running a blog, you need two tools:

  1. A spam application that catches suspicious comments and holds them for your approval before publishing them
  2. A comment mechanism that instructs Google not to follow links in comments.

The first tool is essential.  This blog uses a spam filter that catches 100’s of attempts by automated bots to link back to their site.

The second tool is now industry standard for blogging programs like WordPress.  It makes your blog less attractive to smart spammers by robbing them of the Google boost IF any of their spammy comments should get through.  This precaution may make you feel better should the anti-spam program slip up and allow a malicious comment to be published.  However, it generally doesn’t lessen the amount of spam on your blog because most spammers use a shotgun approach and don’t investigate to see if their spam is really going to help them.

Your blog can be helpful to your business and your reputation. Blogging is fun, too!

However, practice safe blogging.  It’ll help you collect realistic statistics, and by robbing spammers of their links you’ll be doing your part to fight slimy Internet practices.

 

By |2011-04-28T18:27:21-07:00May 7th, 2011|Blogging|0 Comments

Get More Newsletter Readers: Answer the Spam Challenge

Spam challengeMore and more people are trying to cut down on the spam that floods their in-boxes. Some Internet Service Providers like Earthlink and Web Hosting Services like Webmasters.com offer built-in spam challenging logic to their email accounts. Because I have several active email accounts I use Spamarrest to limit what gets passed along to my inbox.

These spam-limiting features all work by finding out who sent the email to you and then doing one of three things.

  • If the sender is someone you know of and approve, the message will be forwarded to your inbox.
  • If the sender is someone you know of and have blocked, the message is deleted.
  • If the sender is someone you don’t know, the sender is sent a request to verify that they are a human and not an automated spammer (see example at the right). If the sender responds to the challenge within 7 days, I get their original message and they are put on my list of approved correspondents. If the sender does not respond, their message is deleted in 7 days.

A huge majority of my email, over 95%, is in this third category. And, a huge majority of those messages are from automated spammers who never answer the spam challenge and whose messages are deleted in a week.
Spam statistics

Occasionally I look through the hundreds of messages from unknown senders. Whenever I do, I usually see a newsletter or group mailing from someone I wouldn’t mind hearing from.

But, they didn’t answer the spam challenge.

This failure to respond is a wonky waste of time. Their business has spent hours of time — and therefore lots of money — preparing the mailing to me. But, after they mail their message, they don’t go through the replies to the newsletter to see that my automated service didn’t recognize the newsletter’s email address and wanted to verify that there were people behind the message.

All the newsletter writer would have to do would be to click on the link in the challenge email and then fill in a CAPTCHA or answer a question. They would only have to do it one time, because the the email address would be added to the approved list and future editions of their newsletter would be delivered automatically.

Worse, in my experience sending newsletters, a fair number of clients and prospects will reply to the newsletter itself with questions or even orders. If the sending business hasn’t assigned anyone to read the replies, then it is missing business in addition to readers.

It’s simple. If you send out an electronic newsletter, give someone in your organization the task of reading replies sent to the newsletter address. Have them answer the spam challenges. Tell them to answer the messages placing new orders, too!

By |2009-09-22T07:01:57-07:00September 22nd, 2009|Marketing|0 Comments
Go to Top