Spam breach on new reCAPTCHA?

We are seeing what appear to be robo-spam submissions coming from our IS contact form (for the first time ever), after removing the legacy captcha and installing the new Google ‘No CAPTCHA reCAPTCHA’.
So far we have updated the form code twice, first on Oct 10, most recently on Oct 20.
I noticed we aren’t the only ones reporting this issue.
Is it still possible to revert to the legacy captcha? I think we may need to go there if we can’t get a solid fix.
Thanks for your feedback! :slight_smile:

Update: We are seeing 1-2 spam messages per day from the contact form. I realize that implementing the new recaptcha is a work in progess as spambots become more agile at circumventing the recaptcha code.

In the meantime, I have removed the recaptcha javascript from our contact form html. All users now go to the Spambot Detection’ page on Infusionsoft and are forced to click the ''I’m not a robot" recaptcha checkbox. Will see if that makes any difference. Mick in support assured me the legacy captcha will still work for now if we decide to revert to that solution. Thanks Mick! :smile:

1 Like

Hi @Bodhi_Goforth,

You’re not going to find something that catches every last one. Spam bots don’t all use the same approach to bypassing webforms and emails. You can account for the vast majority but there is literally 100’s of ways to accomplish getting around prevention methods like this. The two you mention are obviously using a different, though less common, approach.

1 Like

Thanks @John_Borelli ! I appreciate the feedback!

Hi I/S help - we have also updated to the new reCaptcha and are finding a lot of spam bots getting through.

Could someone please take a look as I have just tested a form, and can’t see the recaptcha appearing at all (maybe as I don’t look suspicious?). Is it active on this page? It should be active - I have set up the form correctly and it is embedded via a Javqascript snippet on the site.

Looking forward to your response! @John_Borelli

Hi @Christine_Bucca,

I looked at the code and the re-captcha does exist. I believe it will only show up on an initial failure for submitting the form, otherwise stays hidden away:

Note, however, in the image, that the submit button upon failure also is hidden out of reach.

HI John,

No it’s actually not working we are getting a lot of spam through these forms, looks like we are going to have to go back to the old captcha form.

Interestingly enough, our genuine users are also experiencing difficulties now as they are saying the form submit button just leaves them hanging, or else returns them to the same page. (yes this could be a used issue but we haven’t had any problems like this in thet last 12 months with these forms so it is a bit strange?)

@Bodhi_Goforth - how did you do this??? I would LOVE TO have this option! Would love to give this a try if you can share. We, too, have the Javascript form embedded.