The Applecado blog

Spam Through Your Website’s Contact Form?


Spam is becoming more of a nuisance in today’s busy lives as we spend more time connected to our devices, and online services. While the email hosting giants try to do what they can, we’re see larger and larger volumes of spam emails cluttering up our inboxes.

If you’re running your own business, or in charge of managing day to day messages through your company’s website contact form there is a little hope if you find yourself receiving yet more spam from ‘robots’ violating your form.

Disadvantages of using Captcha

Captcha ain’t all bad, easiest examples include ticking a box to declare you’re not a robot. However, there are more and more complicated examples including choosing what’s in photographs, and those eternally annoying combination of skewed letters and words. Is that a capital letter or lower case but large?

Recapture Example
*An example of a newer, less obscure (but still annoying) ReCaptcha

We should NOT be making things harder for our customers to use. We all have enough competition already, so frustrating your users even further may just drive them away.

Introducing the Honeypot

A honeypot even sounds good doesn’t it?

Essentially a honeypot allows us to detect whether the completed message was sent from a human or a spambot, spammers are shown a unique field, hidden from human view. If the website gets a message including this little extra field, we know it wasn’t a real person trying to get in touch and we can filter these from being sent to you.

I’ve drawn up a couple of quick examples to help illustrate how this field works. The spam bot reads the form’s HTML so it sees this greyed out box asking to confirm your email address.

How a bot sees the contact form

Your customer can’t see it, form them it looks like this.

How we see the contact form

It’s as simple as this; when a message comes through from the website with only the email address field completed once, we know it’s real and that you need to see it.

A honeypot won’t affect your orders, it won’t prevent customers and potential leads from getting in touch with you so you’ve nothing to lose installing one.

We put honeypots in as standard on the sites we build, we think it’s the right thing to do and while it takes a fraction longer, it saves your time and sanity!