A

Anonymous

Dealing with Spam or Bot Form Fillouts

Forum|Forum|8 years ago
June 29, 2017
33 replies
26953 views

Issue

You have been receiving form submissions that appear to have bogus/nonsensical data in the fields, such as "kjsag@sm4.to" for email address, or "111-111-1111" for phone number, or in a Comment field other random nonsensical text.

Solution

Currently, there are no default settings in Marketo that prohibit a form submission if the required fields are filled out. A great workaround for addressing these bogus form submissions in Marketo is to implement a 'honeypot' field on the form.

To do this, you will need to create a custom Marketo field, string type, and name it something distinctive (such as "spam" or "honeypot"). After creating this field in Marketo Admin > Field Management, place this new field on the form as a hidden field.

Real live end-users do not see hidden fields, but spam bots will see them and fill out all available fields. So now when we see form fills with this honeypot field "not empty," we know that it was a bot fillout.

Setting up the Honeypot Field

Say that you have a Trigger Campaign that's having some issue with these spam/bogus form fills. In the flow of this campaign, you can add a flow step at the top: Remove from Flow, with a Choice.

Choice:

If Honeypot field Is not empty, then remove from flow

Default: do nothing

This way, the lead record is removed from the flow. You can also have other campaigns to handle these bogus form fills, such as a daily recurring batch to delete the record.

Other Options

Another method of dealing with bot fillouts is to enable a reCaptcha. In fact, a very prolific Marketo user has written custom code that you feasibly could use to enable a reCaptcha on the form! Check this out: https://codepen.io/figureone/pen/meybqN?editors=0110

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Show previous replies

Steven_Vanderb3

Adobe Employee

Hi Jeff!

There's definitely an appetite for reCAPTCHA fields natively on Marketo forms. Currently we are doing some behind the scenes work to implement more ways to stop bot submissions before they can enter your database by identifying traffic and submission patterns, and either challenging the traffic with CAPTCHA afforded to us through our Cloudflare partnership or stopping the submission of the form altogether. We are targeting early 2020 for that work to be completed. Form level reCAPTCHA is not currently committed to our roadmap yet but it is a feature we are strongly considering adding to further bolster our forms.

Nii_Tagoe

Level 2

Hey Sanford, thanks for all the word you put into helping us with Recaptcha implementation, just have some questions about where these pieces of code should exist. Thank you!

SanfordWhiteman

Level 10

The HTML goes in the body of your page -- it's the form embed code and another <div>, neither of those elements can go in <head>.

The CSS can go in the Form CSS or in an on-page <style> or in external CSS. I usually have a separate CSS file for form styles.

The JS goes in a <script> tag, which must be after the embed code.

Also note this setup is for the old reCAPTCHA, these days the reCAPTCHA v3 is all I use.

If you have more questions, please open a thread in the Products space (you can link back here for reference).

Issue

Solution

Setting up the Honeypot Field

Other Options

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded