My marketo forms are getting spammed. I think it is a botnet since it comes in spikes and most seems to be from Florida. Is there any way to block or filter this? I understand captcha isn't an option with marketo forms.
Marketo has a built in protection via a hidden field called marketo_comments. Basically if this gets filled out by a bot it does not allow the form to submit. Since that is not working for you... you could test asking a basic question like like what is 1+1 and if their answer does not match it would delete the lead.
Do yourself a favor and take a look at these spam records and see if you can find any additional similarities (besides being from Florida) between them e.g. inferred company.
Marketo implements a native mechanism that is very standard across the industry. You will find nearly identical implementations in Salesforce, SugarCRM, Oracle, SAP, Amazon, Google and many more.
Spambots are and will remain an annoyance in the foreseeable future. It is just like vandals in the real world.
Combating spambots is a cat and mouse game: we create mechanisms to deflect or deter them, they explore new ways, come back again until another door is closed and that goes on. They tend to target database driven websites because they know that is where it is going to cause most inconveniences.
An extremely simple yet very effective solution is adding noscript tag.
Open the landing page being attacked, click "Landing Page Actions" on the top right corner and select "Edit Page Meta Tags" Enter the following extract on Custom head HTML - replace www.example.com with your homepage or any URL, including an invalid to force HTTP 404: