SOLVED

Re: How to exclude spam without captcha

Go to solution
sparashar
Level 2

How to exclude spam without captcha

Hello Experts-

My organization has seen an influx of spam/bot leads filling out our Demo Request form. From what I have been told, the complexity of our organization deems it impossible for us to use captcha. Is there another way that we can identify such spam records at the source and delete them from Marketo?

SP
1 ACCEPTED SOLUTION

Accepted Solutions
Darshil_Shah1
Level 10 - Community Advisor

Re: How to exclude spam without captcha

Well, I believe your options are pretty limited here. What are the reasons behind not being able to implement the CAPTCHA on your forms, is it due to privacy concerns?

 

Even with the CAPTCHA in place, there's a possibility of bot submissions creeping into the Marketo database. Without it in the first place, you could potentially rely on pattern matching, e.g., time/IP-based verification, though they're not gonna be 100% reliable. If you're receiving too many form submissions from a particular IP address/IP range, then you can investigate those form fills. You can also use behavior-based tracking to assess user interactions before form submissions. For example, if a user hasn't visited any other pages on your website or spent very little time on the site before submitting the form, it might be suspicious. Also, just for your reference, honeypot fields don't work as bots could easily identify the honeypot requirements on a form, and could skip filling in the value for that field while submitting the form.

View solution in original post

3 REPLIES 3
Darshil_Shah1
Level 10 - Community Advisor

Re: How to exclude spam without captcha

Well, I believe your options are pretty limited here. What are the reasons behind not being able to implement the CAPTCHA on your forms, is it due to privacy concerns?

 

Even with the CAPTCHA in place, there's a possibility of bot submissions creeping into the Marketo database. Without it in the first place, you could potentially rely on pattern matching, e.g., time/IP-based verification, though they're not gonna be 100% reliable. If you're receiving too many form submissions from a particular IP address/IP range, then you can investigate those form fills. You can also use behavior-based tracking to assess user interactions before form submissions. For example, if a user hasn't visited any other pages on your website or spent very little time on the site before submitting the form, it might be suspicious. Also, just for your reference, honeypot fields don't work as bots could easily identify the honeypot requirements on a form, and could skip filling in the value for that field while submitting the form.

sparashar
Level 2

Re: How to exclude spam without captcha

Thank you so much Darshil. Specially for the tip about honeypot. We were counting on using honeypot but, we were not sure if that would work. I think I will have to dig a little deeper into why we had decided to not use Captcha and hopefully start using it again instead of relying on honeypot fields.

SP
Darshil_Shah1
Level 10 - Community Advisor

Re: How to exclude spam without captcha

Well, yes, the honeypot is unlikely to be as useful as users usually hope it to be. CAPTCHA is a more resilient approach to detect spam form submissions any day.