Spam form submissions are form submissions that contain unwanted, irrelevant or harmful information. These could be filled in by human users who attempt to flood forms with undesired results or the result of a bot crawling known websites and automatically submitting your form.
Online forms are easy targets for bots and can fill your database with spam prospects. Imagine a marketing resource spending time filtering out spam submissions from contact forms. It’s a sheer waste of time, effort and resource cost.
Spam form is one of the common challenges faced by Pardot Admins and is certainly detrimental to your automation system. A spam form once submitted and categorised as a prospect can become a part of your automation and assignment rules. It might enter into your CRM as well.
5 proven ways to thwart spam form submission in Pardot:
Below are some additional strategies that can be used to reduce spam from the Pardot form handler submissions.
All forms hosted by Pardot have built-in bot protection by using a negative CAPTCHA called a honeypot. Add a Honeypot field to external form. It’s an invisible field that your prospects can’t see. However, bots do see this field and fill it out. Pardot rejects all the form submissions when the honeypot field has a value.
Unfortunately, as spam prevention improves, so does spam. The most sophisticated bots may be able to figure out a honeypot and bypass it.
On a Pardot form – there is a setting that would enable the reCAPTCHA box to the form for advanced bot protection. For third party forms that are submitted to Pardot form handlers, CAPTCHA or reCAPTCHA security can be added to the third-party form. Most form services offer CAPTCHA or reCAPTCHA on their forms or methods to add the code for that. The best way to find this information is by doing a web search or contacting the third-party form's support team.
Spam submissions often come from bots that scrape the form handler's endpoint URL from the web page where the third-party form is located. To combat that type of submission, the third-party form can be set up to submit to an external server and then have the server submit to Pardot. This would prevent bots from finding the form handler's endpoint URL on the web page. This setup is out of scope for Pardot support and will require working with a web developer or the third-party form's support team.
If the form handler is compromised and gets lots of spam submissions, the form handler can be deleted in Pardot. This will invalidate the form handler URL and a new form handler can be created in its place.
Pardot form and form handlers have 3 options for email addresses:
Option 1 - “Email,” which just requires valid email address syntax
Option 2 - “Email with valid mail server” requires valid email address syntax, a live domain name and a receiving email server listed in DNS records
“Email not from ISPs and free email providers” which requires everything for “Email with valid mail server” plus the address cannot be from a known free ISP (e.g., Comcast, Charter) and cannot be from a free email provider (e.g., Hotmail, Gmail, Yahoo! Mail)
It makes sense to choose option 2 while configuring the email field as option 1 is too relaxed as it will accept anything that remotely resembles an email and option 3 is too restrictive.
Any form fields that you can make into picklists of predefined values is going to improve the quality of incoming data, so use dropdowns wherever possible. Even if the State and Country fields are Text fields, you can still make these field dropdowns on forms. To configure this, just select the type “Dropdown”, then go to the values tab and select the type of data you’d like to display.
Besides all the protection, there will be still submissions that would bypass all protection and make their way through.
If you want to know how to manage the SPAM leads that have already entered the system and prevent them from entering CRM. TransFunnel is just a click away from you!
The broad approach here is to identify spam commonalities and create a spam list. Now set the automation rule to match the incoming form entries with the spam list and define the desired actions like “Do no sync with the CRM” or “decay their score to 0”.
Implement these simple strategies to minimise the number of spam submissions and contribute to designing a secure and robust Pardot marketing automation set up.
Gain expert insights to learn more about inbound methodologies and marketing automation