In last years, we have seen many spam attempts on older CMS (Content Management Systems) (where during “attack”/spam spree, automated spambots will generate up to 5000 spam e-mails) Statistically most vulnerable are old and not updated WordPress and Joomla (2.5 and lower) CMS’es.
What to do if/when Your website is used for spamming:

– As we have constantly reminded in our notification e-mails, KB pages here and on our Facebook page: CMS must be constantly checked for newer versions and updated accordingly (both CMS with themes, plugins and add-ons)!
– Google reCaptcha or similar additional authentication filter MUST/SHOULD BE APPLIED FOR EVERY OPEN WEB-FORM ON YOUR WEBPAGE (login/registration/feedback/comments/etc) that could differentiate web-bots (robots) from humans!
NB! Captcha plugins/add-ons that were programmed in 2008-2012 or prior, would not suffice anymore as automated scripts (robots) seem to read needed captcha from those easily! Captcha picture or math problem should be hard to guess/find (obfuscated picture – where word or sentence is not easily readable or via JavaScript where code/answer would not be easily altered by automated scripts (robots/crawlers))
An example of couple not-so-secure captchas:

If first recommendation may not be easily done (on old CMS) – 2nd one should be always applied. If/when possible, please demand using secure captcha from Your web-master/coder/developer as such an additional “minor” security filter/add-on will minimize any automated attack/spam/etc attempt to almost 0.

More information and documentation on Google reCaptcha can be found from: HERE