• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Just Peachy Consulting and Web Design

Just Peachy Consulting and Web Design

  • Home
  • Websites
    • Portfolio
    • Website Care
    • FAQ
  • Technology Consulting
  • Content Marketing
  • Blog
  • Contact

How to Stop Contact Form Spam

June 21, 2017 by Alexandra Martines 4 Comments

If you run a blog or website, you probably have a contact form. If you have a contact form, you’re probably getting the occasional spam email.

Some of the bloggers I know have embraced the spam as part of running the website. They see a new email from their site, have that moment of excitement, then realize it’s just junk and delete it.

Others try to combat it. They add spammers to their junk filter or add a CAPTCHA to their forms. But then their legitimate users complain about emails that can’t get through or unreadable CAPTCHA gobbledegook.

Perhaps the worst outcome – some of my friends and colleagues fall for the spammer’s message. They read the email as a legitimate person offering business services or a profitable partnership, and get taken for a ride.

In this post, I’ll explain how you can identify spam messages and prevent them in the future.

How to Stop Contact Form Spam

What Form Spam Looks Like

You can ask yourself the follow questions when reviewing an email from your site’s contact form:

  • Are there a lot of typos?
    Everyone makes mistakes, but a message littered with consistent misspellings or odd phrasings is more likely to be spam.
  • Did they use a real name?
    If the person who filled out your form used only a first name, or no name at all, it’s probably spam.
  • Does it contain any suspicious links?
    Look at the links contained in the message. Do they look short and friendly, or are they long and jumbled? The latter is a good indicator of spam.
  • Is the offer too good to be true?
    Spammers know what business owners need – more publicity and more time. Be wary of offers that seem to solve all of your problems, as exciting as they can sound.
  • Is the subject line attention-grabbing?
    Clickbait-y subject lines make you more likely to open the message, and spammers know that.

Why You’re Getting Form Spam

Spammers have something to gain from bothering you – your click. Often the website they link to isn’t the one it appears to be, and may try to capture some of your information. Other times they run a scammy business-to-business model that takes advantage of busy entrepreneurs who need to outsource some of their work.

However, it’s unlikely that this is a targeted attack on you or your website. Spammers can purchase hundreds or thousands of bots to crawl websites, find forms, and paste in a template message.

How to Stop Form Spam

Earlier in this article, I talked about using CAPTCHAs to prevent form spam, and that’s certainly one way to do it. However, I’m never in favor of inconveniencing humans due to robot mischief. So here are a few ways to prevent form spam without annoying your real, human visitors.

Easy: Use a Honeypot

This is number 1 for a reason, as it’s my go-to for almost all sites. A honeypot is an invisible field on your form – humans can’t see it, but bots can. And those form-hungry bots will fill out the field, and get shuttled right into Spam where they belong.

Gravity Forms has a built-in honeypot setting you can enable on your forms, which is just part of why it’s my favorite form plugin.

If you’re using Contact Form 7, you can use the Contact Form 7 Honeypot plugin for the same effect, but you’ll have to do a little bit of configuring on your own. Check out a video guide for setting it up here.

Ninja Forms also adds a honeypot to all forms by default.

Medium: Add Akismet to Your Forms

Akismet is Automattic’s answer to spam. (You might also know Automattic as the people who make WordPress). It’s that little plugin you see installed by default whenever you set up a WordPress site. Akismet is cloud-based anti-spam software that processes data from millions of websites to learn what spam looks like and get better at detecting and preventing it.

Setting up Akismet is easy, and you can follow the steps at Akismet.com.

When Akismet is active on your site, it automatically works in the background with any Gravity Forms you’ve set up.

With Contact Form 7, you’ll need to do a little work yourself to integrate Akismet. You can find instructions for setting it up here.

Here’s an example of a normal email field in Contact Form 7:

[email* your-email]​

This is what it looks like once you’ve added the akismet tag:

[email* your-email akismet:author_email]​

Unfortunately, Ninja Forms doesn’t currently integrate with Akismet.

Difficult: Add an “I’m not a robot” Test

Google recently released a better version of reCAPTCHA. Instead of asking people to read street signs or answer math problems, this version presents a simple checkbox with the text “I’m not a robot.”

If you’re curious how it works, the full answer is technical but the simple answer is that Google can predict how a human would move their mouse to click the checkbox as opposed to how a bot would check the box.

I’m still not a fan of inconveniencing users to stop bots, and this solution does have some potential drawbacks to visually impaired or physically disabled users of your site, but if you need serious Spam protection and the first two options aren’t enough, it’s a solid choice.

Gravity Forms includes a simple reCAPTCHA field that you can add at the end of a form, just like you’d add any other field.

You can also add a reCAPTCHA to Contact Form 7, but, again, you’ll need to do a little work. You’ll want to get a secret key from Google, insert it into the Contact Form 7 Integrations area of your website, and add a [recaptcha] tag to your form.

The process is similar for using reCAPTCHA with Ninja Forms, but instead of adding a tag at the end, you’ll see a new field option.


Overall, the easiest way to prevent spam in your forms is to start by using Gravity Forms, since it has so many built in anti-spam features already. How do you prevent spam in the forms on your site? Have you had success with one of the methods above, or something else completely?

Filed Under: Blog

Reader Interactions

Comments

  1. Chris says

    April 19, 2019 at 2:30 pm

    I use Beep.IM as a contact form site where I direct my potential clients. Let someone else do the hard work while I work on answering mails that need to be answered.

    Reply
  2. Tony McBride says

    March 17, 2020 at 2:45 am

    Another alternative is to use AI (artificial intelligence) to weed out spams. I use Ivertech Spam Free Contact (https://spamfreecontact.ivertech.com) which has AI built-in to recognize spams. I just needed to copy one line of HTML code and paste it to my site. It has Google reCAPTCHA as well. It’s surprisingly easy to set up.

    Reply
  3. Jennifer Norene says

    January 2, 2021 at 7:32 pm

    Thank you!
    Good content.

    Reply
  4. Renata Barnes says

    January 23, 2021 at 7:45 am

    I am curious how one can stop messages that look like they have been sent by you, i.e from (your email) to (your email) via contact forms with compromising messages.

    Obviously the sender is cloaking their email address and getting past captcha, so how can you stop this?

    I am going to be doing a post about and will backlink you.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

{{Privy:Embed campaign=474067}}

Recent Posts

How GDPR Affects US Small Business Owners

Disclaimer: This isn't legal advice, and I'm not a lawyer. If you've been reading your emails, you know there have been some big changes to online privacy laws lately. Most of this chatter is about … Read more about How GDPR Affects US Small Business Owners

When to Hire a WordPress Professional to Customize your Website

With WordPress sites running the gamut from basic blogs to massive eCommerce stores, it can be difficult to figure out when you need to hire a WordPress professional and when you can DIY it. If … Read more about When to Hire a WordPress Professional to Customize your Website

The Easiest Ways to Customize a WordPress Theme

One of the trickiest things about DIYing a website for your business is creating something that looks as gorgeous as you imagined it would. From buttons that seem to be stuck at blue when your brand … Read more about The Easiest Ways to Customize a WordPress Theme

Why Website Maintenance Matters

Just like a car, websites require maintenance to keep them working. Your car won't take you very far if you never change its oil, and your website won't take your business very far if you don't look … Read more about Why Website Maintenance Matters

Why Small Businesses Should Care About Net Neutrality

If you're reading this article right now, chances are you have Internet access at your home or work. If you have Internet access, there's about a 98% chance you've heard something about how the FCC … Read more about Why Small Businesses Should Care About Net Neutrality

Footer

Connect

  • Facebook
  • Instagram
  • LinkedIn

Contact

(413) 376-8822
[email protected]

Quick Links

  • Cart
  • Terms
  • Privacy Policy
  • Cookie Policy
Change Cookie Consent

Keep Up

Subscribe to the latest in tech tips and web strategy.

Copyright © 2023 · Business Pro on Genesis Framework · WordPress · Log in

Request a Website Audit