Increased Volume of Spam w/ Honeypot Enabled

Has anyone else noticed an uptick in spam on forms that have honeypot enabled? I’ve seen this on at least three of my contact forms in the past couple weeks. Any solutions for better mediating these w/o the necessity of a visual captcha? It’d be great to see recaptcha v3 support.

3 Likes

We’ve been seeing a lot more spam coming through forms even when using the honeypot field. Seems like the spammers are getting smarter. We’re looking at ways to improve the effectiveness of the honeypot. Thank you.

2 Likes

Good to know I’m not alone and this will be given some attention. I figured it might be that those bots are simply learning.

I’d be happy to hear some suggestions for this.

I work at a Dutch webhosting company and we’ve seen loads of messages from users that are getting spammed. Not just through their email accounts, but lots sent through comment-forms & form plugins.

With spam its just this annoying circle we’re stuck in. Filters get better, spammers find a way to get past them, filters get better & other solutions are integrated (ie. SPF for spoofing) and spammers find a way to get past them.

So I’d say it appears to be a more general uptake in spammers. We usually recommend integrating reCAPTCHA in all forms and personally I always install Antispam Bee as well (for the comment forms anyway).

1 Like

There’s not any single method that can catch all spammers. Best practice is always to combine different methods at once. In Gravity Forms you can enable the Honeypot + reCAPTCHA + Akismet integration.

Honeypot and reCAPTCHA will take care of spammers in the browser side of things, and Akismet after form submission. So if the spammer was able to sort out both Honeypot and reCAPTCHA, the submission will still have to pass the Akismet database filter.

Bear in mind spam is not always done by dummy bots, there are also low paid humans doing spam, so things like the Honeypot field that are intended for bots, will be useless for this kind of spammers.

There are also some third-party services like https://www.cloudflare.com and https://www.incapsula.com/ that could help to prevent the spammers to reach your site.

3 Likes

Unfortunately we can not use Akismet in the E.U. Can you offer a integration for AntispamBee too? Also, will you let us know if you improve Honeypot so we can give it a try then? My clients are not so happy with the increased number of spam messages. It was one of the features why I recommended GravityForms. Thanks.