Troy Hunt, creator of the useful Have I Been Pwned site, wanted to exact revenge on spammers who waste his time, so he created a form that wastes their time. When a spammer emails him, he replies by saying:
This is exciting and might empower a cutting-edge partnership! I'd like to invite you to leave your information on my special registration form, it will only take a moment.
We look forward to exploiting the cross-platform mindshare together
Regards,
Troy Hunt
"By following the link, the spammer ends up here," explains Hunt, who adds, "you're welcome to follow that link and have a play with it.
Once the spammer gets to the form, they are asked to create an account with their email and password. But when they enter a password, they are told they must modify the password (e.g., "Password must contain at least 1 number"). But no matter how many different passwords they use, they are told they must do something else to make the password conform (e.g., "Password must contain a United States zip code," "Password must end with dog").
Hunt receives automatic reports when a spammer falls for his trap:
Read more about Password Purgatory here.
