Hacking Attempt: Same entry in multiple fields

Every day we get 0-10 submissions via a Gravity Form we use for Customer Service. These submissions repeat what appears to be a valid human name in multiple fields. There appears to be no repetition in these names. There is never a submission of any data other than the name; no email address, etc.

Has anyone else experienced this? We only see this activity on one of many forms we use in our site. It appears to be some kind of script-based attack on the form but I cannot figure out what they are trying to accomplish, other than just creating spam in our internal process.

I thought about trying to write conditional logic that would check to see if someone entered the same value in multiple unrelated fields but I can’t seem to figure out how to test the data in one field against the data in another.

Sounds very much like an automated spam script. Have you enabled the honeypot field? It can stop a lot of those attacks.

A couple of months ago, I started seeing a lot of automated spam getting past the new, updated honeypot field as well. Likely that spammers are automating attacks using headless Chrome so that JavaScript runs before the form is submitted, defeating the honeypot field.

I now use the Turnstile add-on with Cloudflare Turnstile and it has stopped automated spam again. If the honeypot field doesn’t stop your spam, consider using Turnstile.

Looks interesting. We’ll give Turnstile a try.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.