We've been having issues with Bots filling out forms on our pay-per-click campaigns and I'm exploring ways to block them. We have used Bot blockers such as reCaptcha and URLs on the webpage only visible to bots. I was wondering if there is a way to use a hidden field on a form (only visible to bots) and if the field has information in it to block it from processing.
If anyone has other solutions for blocking bots, I'm all ears.
Such fields are useless: any bot capable of sending a valid field checksum is equally capable of recording which fields are never populated. Child’s play for even a beginner bot author.
(Also, it’s not possible to block the form data from initially entering Marketo, even if you delete it immediately.)
You’re already using Marketo’s native reCAPTCHA v3 support?
We are however, our Google Account Manager suggested we make a honeypot on the page where we can capture Bots. Do you have any ideas for ways to make a honeypot?
Like I said, there’s no honeypot that can’t be neatly skipped over by a well-written bot. Why would anyone claim otherwise?
For example, how would a bot that can simulate form.submit() with valid fields + checksum (the bot can’t simply populate fields and send a native POST, it must either automate JS or calculate the SHA-256 internally) not just skip fields that stay empty on the wire? It’s child’s play to build such a bot for any Marketo form.
Simulating reCAPTCHA, on the hand, is a different and way more complex task.
Adchoices