Constant spam in Pipedrive web forms

andynmartin
andynmartin Member Posts: 16 VERIFIED MEMBER
10 Comments Name Dropper First Anniversary

We are getting a lot of spam web form submissions, which ruins our conversion tracking and wastes our team's time sorting through and deleting them. Has anyone found a workaround for this?

Perhaps Pipedrive could implement a different / better reCaptcha approach, honeypot, etc.?

0
0 votes

Submitted · Last Updated

Comments

  • Amit Sarda (AmitSarda.xyz)
    Amit Sarda (AmitSarda.xyz) Member Posts: 1,608 VERIFIED MEMBER
    1000 Comments 250 Likes Fourth Anniversary 25 Answers

    Try using these form solutions instead where some of them offer a captcha.

    • Formaloo: AI-powered survey maker for lead capture and data collection and management (like Airtable?).
    • Fillout: Simple drag-and-drop, conditional logic for small businesses.
    • Typeform: Expensive, but the OG form solution providing conversational user experiences.
    • MakeForms: Code-free, file uploads, e-signatures, calculated fields.
    • GoZen: AI-powered autofill for repetitive data entry.
    • JotForm: 10,000+ templates, payments, approvals, enterprise security.
    • ConvertCalculator: Excel-like calculation forms with powerful formulas.
    • Gravity Forms: WordPress plugin, conditional logic, databases, payments.
    • TallyForms: Free, intuitive form builder, a lot like Notion.

  • andynmartin
    andynmartin Member Posts: 16 VERIFIED MEMBER
    10 Comments Name Dropper First Anniversary

    @Amit Sarda (AmitSarda.xyz) the pipedrive forms have a captcha.
    One of the reasons to use a platform like Pipedrive is integrated tools like lead forms, etc. so we don't need a bunch of Zaps holding everything together.

  • andynmartin
    andynmartin Member Posts: 16 VERIFIED MEMBER
    10 Comments Name Dropper First Anniversary

    Does anyone at Pipedrive care about this?

  • Leonardo Zimmermann
    Leonardo Zimmermann Pipedrive Team Posts: 158 PIPEDRIVE TEAM
    Third Anniversary 100 Comments 5 Answers 5 Likes
    edited July 2 #5

    Hey, @andynmartin!

    Thank you for sharing the feedback with us. I see workarounds have been shared by one of our community members.

    When investigating this topic a bit further on our end, I noticed that you have reached out to our Support Team to discuss this topic. After investigating your specific case and the form you were having the most troubles with, our Engineers found no specific issues - which means that the spamming happens due to the public sharing of the form.

    While our webforms are protected by recaptcha, which prevents spam bots and automated submissions, from the moment we share a form on a public website we can end up being spammed - and there is not much that can be done about manually submitted malicious forms.

    That said, we hear you and have shared the suggestion of having better anti-spam tools used on our webforms with our internal teams, so that this can be considered in future improvements.

    Thank you.

  • andynmartin
    andynmartin Member Posts: 16 VERIFIED MEMBER
    10 Comments Name Dropper First Anniversary
    edited July 2 #6

    Hi @Leonardo Zimmermann. Thanks for your response.

    I'm not sure I'd consider using alternative products a workaround. A big value proposition of Pipedrive's is integrated feature sets so we don't have to integrate everything ourselves.

    Further, everyone knows that simply adding a captcha is not a very robust spam prevention method. It’s common for bots to bypass captchas these days. The pattern and frequency of the spam we get suggests these are not humans submitting these. 

    Common solutions:

    Honeypot fields
    IP reputation checking
    Rate limiting
    AI-powered spam / pattern detection systems

    Is the team willing to invest in improvements at all, or should we look at other products to solve this?

  • alturic
    alturic Member Posts: 3 VERIFIED MEMBER
    Fourth Anniversary Name Dropper First Comment Photogenic

    Yea, this is kind of a bogus comment @Leonardo Zimmermann. There are a ton of things that can be done to help alleviate BS submissions. Even if as a company, community, general public don't consider manual submitted submissions to be spam just allowing us to specify something like an email address and/or phone number as SPAM and not having Pipedrive do anything when a submission with those things are there is a huge oversight.

    Honestly, I never liked how Pipedrive doesn't consider certain fields unique to begin with. In what world do people consider these different people?

    Leo Zimmermann - leo@zimmermann.com
    Leonardo ZImmermann - leo@zimmermann.com
    L. Zimm - leo@zimmermann.com
    Mr. Zimmermann - leo@zimmermann.com

    So two things to be clear with what I mean. First, there should only ever be able to one person with leo@zimmermann.com in my system unless someone can provide a valid reason for why that is a silly thought? Second, not being able to blacklist submissions based on criteria is a massive oversight.

    Think of it this way, every few weeks someone comes to my form and tries to pitch me a service they offer. They are human submissions so they pass the CAPTCHA, but I don't need a new person, a new lead and a new company added to my Pipedrive every few weeks… especially when they are all the exact same submissions. The simplest solution imo would be allowing us to specify blacklisted email addresses or something.

  • Josh Buesking
    Josh Buesking Member Posts: 218 VERIFIED MEMBER
    Fourth Anniversary 100 Likes 100 Comments 5 Answers

    Form spam has gotten pretty hard to combat as of lately across all options.

    I use gravity forms and they conditional logic, so I have a few rules set up to where if a url is in the comments it can't be submitted. It also has a check for duplicates option so even if it passes the logic is still searches to see if the contact already exists.

    I have feeding my lead inbox so if I delete the spam lead it deletes the associated contact.