Of late I have noticed in my action recorder that someone is posting messages with nonsense messages.
I have Captcha setup and I have also added some custom sanitisation to kill the process when certain criteria is met. All of these posts are coming from he same region (Russia) so it is clearly the same person(s) carry this out. I have asked my host for a security scan which has passed, what are they trying/hoping or what might they have achieved. I can see at least 6 months of this type of activity so I can't imagine they must have had some sort of gain or success to date.