You’re a small law firm with a website, and your marketing is going well so your website is getting a lot of exposure. If your assistant weren’t drowning in spam emails, everything would be perfect. Besides the wasted time, you worry that some real leads are being lost in the sea of spam.
Website Spam: A Hydra
Spam facilitated by your website is a many-headed snake. If you stop spam bots from filling out the form, you’ll still have an army of human spammers filling out your forms from an office complex in the developing world. This snake has many heads we must deal with, so let’s get to work!
Bot Form Filling
A program can fill out many more forms than a person, so bot form filling is a larger-scale problem than human form filling, but there are ways of detecting bots.
How to Defeat the Bots
CAPTCHA is becoming less and less effective, and has the added problem of reducing form fill conversions. An excellent alternative is to use the “Anti Spam Honeypot” option in Gravity Forms, available in the Form Settings section.
Human Form Filling
Actual humans filling spam shouldn’t be combatted at the form level, because making it harder for humans to fill in your form will make it harder for your customers – who are presumably all humans.
How to Defeat the Humans
To defeat human spammers, I recommend setting up custom spam filters to filter for the type of spam your specific business receives. Because of the higher cost of using human spammers, typically you’ll receive only specific types of spam that are targeted to your industry or business type. This makes it easier to set up custom filters. See the final section for program-specific instructions.
WhoIs Domain Lookups
When a domain is registered, an email address is required (along with other personally identifiable information like name, address, and phone number). People can look up this information with a “WhoIs search”, available from websites like this WhoIs.net.
The 2 main types of spam that come from this are web design spam where a (usually foreign) design firm offers cheap design service, and registration spam, where a scammer will send a deceptive email requesting payment for something like “SEO Registration” hoping unsuspecting domain owners will pay them thinking they’re renewing their domain. Note that the web design spam also comes in the form of phone calls, and the registration scams also come in the form of physical mail.
Web Design Spam Example
Registration Scam Example
How to Defeat the WhoIs Lookups
There are many services for private registration or proxy registration that obscures this information from the public. Most domain registrars will offer to sell this to you when you are buying your domain at usually about $5/year. This also helps defeat the spam phone calls and the spam/scam physical mail.
Here’s an example from Name.com, which automatically applies their WhoIs Privacy when checking out.
WhoIs Privacy Example
Improving Spam Filtering At The Inbox Level
Your email program’s anti-spam software will usually have an adjustable sensitivity setting. Setting this higher can filter more spam, but can result in false positives.
You can also set up custom spam filters using rules you set up. I recommend using at least a few criteria, including a negative keyword or two (for something that your real correspondents say but that spammers never do).
Program-specific spam filter instructions: