Why isn't Google Captcha stopping blatantly obvious spam?

Before you even ask, yes I have saved the campaign and updated the code on my website. Everything is up to date. I’ve also been adding exclusions to my Infusionsoft spam filter like crazy and the bots just bother us even more! How can your software not spot obvious things like a bot entering WINnuh WINnuh into the first and last name fields?! Infusionsoft’s web form and captcha aren’t spotting blatantly obvious spam! It is most frustrating paying for a service that delivers us so much garbage. Please get a fix before my boss overrules me and requires me to switch us to Clio GROW!

Any number of things could help, such as some form rules like:

  • If more than four words are entered into a Name Field, then reject;
  • If the same word(s) are entered into the first and last name fields, then reject;
  • If the same word is entered into the city and state fields, then reject.

You could even offer options like if a link is entered then reject the submission. None of our desired contacts are ever in a situation where they need to provide us a link or url. I know some businesses probably have that situation, so it would be nice to allow us to choose whether or not we want to allow links to be submitted via our web forms.

Please do something to help us stop the bots.

Every time you make a better lock, you also make a better thief. This means that there are spam bot programmers out there specifically figuring out ways to work around recaptcha. My company will be releasing a non intrusive product that will categorically prevent anything that is not human from submitting forms as well as verifying the validity of email addresses in real time, checking for spam, honeypots/spam traps, frequent complainers (reports spam often) and more…but we’re a few weeks out of release. We’ll be calling it ListDefense. If you’d like, I can place you on our notification list to let you know when it’s released so you can check it out when it’s ready :wink:

To answer your question “why recaptcha does not work”:

Recaptcha shows challenge only if it suspects. The most common matrix it uses is repeated submissions from same IP.

Spam bots have huge pool of IPs (of unsuspecting infected computers around the world). They don’t repeat the IP often. So recaptcha does not suspect it as spam, so it does not show the challenge.

Just few weeks ago, Infusionsoft implemented recaptcha v3, which was supposed to get rid of spams, but obviously it did not.

It seems you are using webforms, you should check out https://spamkill.ideasquarelab.com . It is our product, tested by several users and ICP/KCPs. You can checkout their reviews.

We do not want you to go by the reviews of others. We have 90-day trial so you can test it out before paying anything. And, for some reason, if you find 90-day trial insufficient, contact the support and we’ll extend the trial.

How does that sound?