Spam on Contact Pages
What Is Contact Form Spam?Contact form spam is when malicious hackers or bots submit spam messages through your contact form, and sometimes use your contact form to infiltrate data about your users. So, contact form spam is how:
- You get unwanted spam messages.
- Your clients’ email addresses fall into the wrong hands.
What’s the Point of Contact Form Spam?You may be wondering, why would anyone bother to spam your contact form in the first place? What’s the point? There are two main reasons:
- Gaining access to your mailing list. As we’ve mentioned, hackers and bots can end up accessing your client mailing list through security vulnerabilities in your website once they’ve accessed your contact form. Then, they send spam emails to your clients that look as if they’ve been sent from your website. They may contain your brand’s name, logo, and even products – but the links shared are links to an entirely different website. The links lead to the hackers’ websites, who end up enjoying the benefits of increased traffic to the website, and possibly even the patronage of your customers. Or, you may just be left with the customers’ wrath. Of course, there’s also more vicious reasons for stealing your mailing list – such as spreading malware.
- Using your website to build backlinks and boost their SEO. Especially if it’s a form that directly publishes a customer-written text (like a comments section), bots will flood it with backlinks to their website, which as we all know, is quite important in boosting SEO and increasing domain authority. Even when you don’t see the damage, spambots may leave invisible links which again will get them better SEO at your expense.
Who Is Doing the Spamming?While you’re stuck with too much spam on your business website and are trying to figure out how to handle it, this question may pop into your mind: who’s doing the spamming? There are two possible culprits:
- People. Some companies hire people to fill out forms so that they can plant backlinks to their own website for that boost in SEO we talked about. The downside of this breed of spammer is that they can get past most security methods – such as using hCaptcha – and keep spamming. The upside is that this type of spamming takes a lot more time and effort on their part, so firstly, you’re less likely to fall prey to it, and secondly, it’s easier to filter out.
- Spambots. The likelier culprit behind your form spam are spambots. As we’ve already mentioned, spambots are more dangerous as they can do more damage more quickly, including injecting scripts into your website. On the upside, they’re much easier to block with a hCaptcha.
How to Stop Spam on Contact FormThe principal and easiest solution to stopping spam from getting through your website’s contact form is to implement hCaptcha. Let’s take a look at what it is and how you can use it.
What Is hCaptcha?hCaptcha is a type of human verification method that can help you reduce spam and abuse on your contact page or any other page on your website. It’s a sort of a Turing test (not as elaborate as the one in Philip K. Dick’s Do Androids Dream of Electric Sheep?) that aims to tell apart humans from bots. It’s easy enough for a human to get past, but difficult for spambots and other types of malware. So by implementing a hCaptcha on your contact forms, you would make it easy for human users to enter, while blocking bots. hCaptcha offers this service for free, and you can try it out to see how it works. You get to choose how elaborate or simple you want your hCaptcha to be. In its simplest form, it’s only a button that looks like this:
Before You Add a hCaptcha in WordPressBefore adding a hCaptcha through your WordPress dashboard, you’ll need to first register your website with hCaptcha. If you already have a hCaptcha account, you can just add the new website, otherwise, you’ll need to fill out the form from scratch – which is short and easy enough. hCaptcha will provide you with a site key and a secret key for the website which you’ll use later. Now, head over to your WordPress dashboard for one of the following methods.
How to Stop Spam on Contact Form 7Implementing hCaptcha on Contact Form 7 is super easy.
- Go to the WordPress dashboard.
- Go to Plugins > Add New.
- Search for the hCaptcha plugin, then Install and Activate it
- Navigate to Settings > hCaptcha
- Add your Site Key, Secret Key and tick the box to Enable Contact Form 7 Addon. You should also Enable hCaptcha on Comment Form and Enable hCaptcha on Login Form to protect your WordPress site
- Click on Save hCaptcha Settings
A Few Words Before You Go…Spam on your contact page is more than annoying: it can also be harmful. However, hCaptcha is a tried-and-trusted method to keep your website and your customers safe from abuse, spam, and worst of all – malware. Hopefully, our guide has helped you figure out exactly how to prevent your contact form from being a vulnerability that allows spambots to get through.
View Related Articles
In DNS, an SPF record, or Sender Policy Framework record, is a TXT record that allows you to list the authorized hostnames and IP addresses that have permission to send emails under the auspice of your domain, i.e. on behalf of it. When you set up an SPF record, you specify the exact hosts which have the authority to send emails from your domain.
If you’re thinking about using the .fun gTLD for your website, we’ll help you brush up on everything you need to know about it – its history, who runs it, what it’s used for, and where you can get your very own .fun domain extension.
The .win gTLD has grown in popularity generally amongst gaming websites and communities. Everyone wants to win, right? In any case, if you’re thinking about launching your own .win website, let us give you a tour of the history, purposes, and popularity of this gTLD.