+ Start a Discussion

Blocking Spam on Web-to-Lead Form with hidden HTML field

I was wondering if it would be possible to fool SPAM bots with a hidden html field.  I have acreated a number field called "Validation" and I put an assignment rule as if the value is greater than zero that it will be marked as SPAM and won't fill employees mailboxes with emails telling them a Lead has been created.  In your experience, would the bots still fill this out or would this not be worth reconfiguring our website?

Jeff TalbotJeff Talbot

Can't answer your question specifically - spam bots probably have some variance in their sophistication... But I can tell you what works for me.


My web-to-lead forms are used for submitting reservation requests, so they require entry of a "Reservation Date". The spam bots that submit to my web-to-lead forms always try to submit text in the Reservation Date field. Not too bright. The text in a date field is ignored by Salesforce and a blank entry is made. So, I implemented a Lead validation rule that prevents Lead creation when Lead Source is Web and Reservation Date is blank.

VIP Condos TorontoVIP Condos Toronto
I would try to name your field something similar to "firstname" "lastname" "fullname" "email address" something that looks like a real field, as bots are usually trained to look for standard fields with those names in it.  Most bots will probably ingore a field labelled as "validation"

It still has to be unique from the field you are using as the real first or lastname field etc. but if you get those keywords in there the bot will probably pick it up and fill it in.

Then you can hide this field and bots will still pick it up. More advanced bots might realize that it's been hidden but you'll catch a lot of less sophisticated bots.
Thanks @daniel Molnar. I'll give it a try.