Best way to combat spam form submissions?

Recently, we started getting thousands of spam submissions to one of our forms, daily.

Google captcha doesn’t work. The submissions are not coming through our website, but via the Influsionsoft-hosted URL.

We’ve replaced the form with a new one several times already and are manually deleting the spammy contacts on a daily basis.

However, this is time consuming.

The best would be if we could segment those contacts based on “username contains”, IP address or other and then either auto-delete them or exclude them from further communication.

Is this possible or is there a better way?

Thank you!

SpamKill will put an to spam submissions permanently, comes with 90-day free trial -

A short explanation why google recaptcha does not work - it does not throw challenge to every submission. It shows the challenge only for the submissions it feels spammy, mostly when repeated submissions are made from the same IP. Spam bots have a huge network of IPs, thanks to hidden malware and viruses on millions of machines around the world.

So recaptchas are not a hurdle for spam bot submissions, because they don’t repeat the IP that often.

On the other hand, a genuine user could be caught in the recaptcha loop and might have to solve the challenge 2-3 times before being able to subscribing to your content.

Hi, @Jeff_Bullas,

We’re about three weeks away from releasing a new product that works differently than anything else out there.

– Guarantees that a human is submitting the form (not a bot)
– Allows you to select the level of submissions based on the activity associated with the email (ie common complainers, spam traps, non responsives etc…you choose who’s allowed to be added to your list).
– Self validates the email fields
– Prevents invalid and spam emails BEFORE they can be added to your list
– NO RECAPTCHA or any other interfering method
– NO messing with copy/paste of the form code
– All handled in realtime before invalid emails have a chance to hit your list…and will prevent anything you specify from getting into your list.

Currently we’ll be starting this with our WP plugin that only requires the use of a short code and then expanding it to code snippets and endpoint implementations.

All of that is to say that if you’d like, I can put you on our list of those that have requested to be notified upon it’s release :wink:

1 Like

Hi @John_Borelli!

Sounds interesting ! If this is an Infusionsoft product, yes, please put me on the “notify me” list.

Will be happy to :wink:

If just PMing you here is preferred then that’s fine but if you’d like an email then PM what your preferred email would be and I’ll be sure to do that.

Hi @John_Borelli,

Has this feature been released yet, I’m struggling with the same spam issue where the submissions are coming from the form’s URL. The submissions come from different names and email addresses, but for some odd reason they have the same phone numbers, which I’m able to use to create a contacts filter and delete in bulk. It’s not an elegant solution though, as almost 90% of my form submissions at this point are spam and cloning the form and replacing the url didnt address it at all.

If it’s not yet available, can you provide a timeline and also put me on the notify list?

I’m also interested in knowing how to get the latest release of this product. Keap is a joke at stopping spam.

Hi, @Dr_Tanya_Judge,

So we are still working on it, however, it got pushed behind our build service and email marketing course. For that reason, I don’t have an exact projection at this time but will be happy to add you to the list of people to inform when we are back on it with a focused schedule for it specifically.

Hey, @Matt_Ludwig,

Spamkill won’t give you all the details we can and we pushed the WP plugin back behind our build list service and our course developement, but Spamkill does provide a rather effective way to prevent fake form submissions.

If you’d think it would help to use our bulk list service then you’re welcome to reach out to me about that or if you just need to stop the fake form submissions, maybe Spamkill will give you what you need :wink:

What does this mean? Does this protect the Landing Pages’ forms on my websites you mean? I don’t understand the relevancy of this comment.

SpamKill is working like a CHARM. $15 a month, works, It took me 15-20 minutes to get the code into my website forms, didn’t break the CSS styles too bad. I fixed those up, I can get back to work. In 24 hours It’s blocked 15 spam submissions and let 2 real ones through so far.

15 SPAM SUBMISSIONS IN 24 HOURS. Clearly Infusionsoft source code is being targeted.

Keap knows this is a HUGE issue. reCAPTCHA has been solved by spambots, they bounce right by. Honeypots are mostly ineffective. Get after it, build something in like SpamKill make it KEAPSpamKill and get it done. Obviously this is working and he’s redirecting the lead through his own server first to run source code spit-out traps which spam can’t get past. STEP your game up for your clients Keap. That’s what I do, if I don’t, I get replaced. I don’t ask them to reach out to me about something clearly already reached out to. Yes, Implement the whatever you have to to stop this!! It’s only going to get worse as we get closer to election 2020.

Thanks for answering.

Hi, @Matt_Ludwig

my comment means that the tool/plugin that will help on the form level isn’t at the top of our production…to be clear “our production” has NOTHING to do with Infusionsoft/Keap.

It’s not realistic for Keap to place the same thing as spamkill into their product. It would take a very long time to explain all of it but basically the approach spamkill takes is a conglomerate of methods being randomly applied to a form that you provide code for processing with. This would have to be adopted and adapted by Keap in order for it to work in their environment and it would take WAYYYY more than it took to create spamkill in order to accomplish that.

Sorry, but it’s much more technically complicated and if I were Keap, I wouldn’t do it either. It is accurate that Keap is being targeted by some bots. But, whenever someone comes up with a solution the programmers that created the bots will find a way around it. It’s the case of make a better lock, then make a better thief. Keap does work hard on this but it’s a constant back and forth battle that each side only occasionally wins (and only for a brief time).

Thanks John. I truly appreciate your technically detailed responses. I know I’m drastically over-simplifying but I, and others getting buried by this spam attack, want more detail and this thread had gone cold, now it’s informative. That is why I have pressed you on this.

So the next person will feel informed and good about adding another $15 expense in SpamKill to the $200+ Infusionsoft monthly spend. It’s a Machine’s world, we’re just working in it. LOL

Hi there. I’d like to purchase spamkill and I am currently testing it. I hate 360 protection. I hate all the tags by 360 protection on my contacts. Is there a way to stop it ? I want to use ONLY Ninja protection. I write to IdeaLab Support but they do not reply. Thanks for your help.