Another forum I post on is having a lot of trouble with spambots recently. In order to ward them off, it has a test common to a lot of profile-creating sites; during the sign-up, you get a series of pictures of a code (not the actual text) which you then have to re-enter. That way, a bot can’t simply use the text on the page itself since the code isn’t text.
One way I can think of to get round this would be to look at the filenames of the pictures. For example, if your random code is gj039u23, and the filenames are g.jpg, j.jpg, etc. a bot could be programmed to try entering the filenames of the pictures on the page (something that would take time if there’s more images than just the code ones, but would eventually work). I don’t know if something like this is possible, though.
Anyway, does anyone know how spambots can get past this test, and ones like it?