Published: 7th July 2009
Author: Andrew Hart
No one likes spam in their inbox and there are many weapons to combat spammers from abusing the forms (such as a feedback form) that you have on your website.
The most critical aspect that is often overlooked is preventing spam whilst not losing genuine communication from your users.
Many Web masters turn to the well known CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) method without carefully considering the implications.
CAPTCHAs are visual challenges, defeating most spam bots but at the same time they can also defeat humans:
Using a challenge (such as a CAPTCHA) will not only prevent bots but they will also cause the number of genuine submissions of your form to drop.
Most people looking at the CAPTCHA debate don't even consider: "does CAPTCHA deliver the level of security that you think it is?".
The simple answer is: no!
The longer CAPTCHA has been around, and the more popular it has become, the more hackers have focused on bypassing its security. See the case study in "further reading" at the end of this article.
You still need to prevent spam, but there is no need to place the work-load on your visitors.
Adding spam watching methods to your web form causes no additional work for your visitors but still cause spam bots headaches:
All these need to be implemented with care so as not to cause 'false-positives' which label genuine submissions as spam, or cause any usability issues.
Whilst preventing suspected spam submissions you should always consider the occasional genuine visitor who will trigger one of your spam protection rules. Don't simply send them to a nasty error message - redirect them to a page that can help them resolve the issue. You do not want to alienate visitors after all.
Spam is a problem and it does need to be tackled, but forcing your visitors to jump through hoops is not the right way to tackle it.
Do not rule out CAPTCHA as a method. Whilst I have detailed problems with using this method, there are situations and scenarios where it is still valuable if implemented carefully.
Before you allow your webmaster to create any barriers on your website first consider the real business implications:
Getting the balance between spam prevention and usability right is crucial: dealing with a little bit of spam makes far more commercial sense than losing genuine business!
At Simius Web we can help you to find the best spam prevention for your website, Why not give us a call today?
If you are interested in learning more on the impact of CAPTCHA on your business we recommend reading: CAPTCHAs' Effect on Conversion Rates by Casey from GR Web Designs.
For a more indepth look at CAPTCHAs impact on accessibility (including actual working code samples!) I highly recommend reading Spam-free accessible forms by WebAIMs Jared Smith.
Check out how secure CAPTCHA really is with this List of Resources: Breaking CAPTCHA by Karl Groves
End of main content
End of page