Embedded Forms Getting Bot Signups

  • 21 February 2024
  • 3 replies

Userlevel 5
Badge +18

Hi All - 


My client has a bunch of embedded forms to personalize for each of their influencers and their followers. We got hit with spam sign ups, so we disabled the pages on the site for now until we are ready to use the forms again. The issue is these bots are still signing up and it is the exact same name every time. I am wondering if they have the embed code and entering it somewhere else? Has anyone ever run into this issue? And double-opt in is not the answer I am looking for!


Best answer by retention 21 February 2024, 17:38

View original

3 replies

Userlevel 6
Badge +21

hi @chelsgrove are you able to add a reCAPTCHA on the site? That might help with the bot sign ups. This Klaviyo Community answer from @Taylor Tarpley has a link how to do it: 

Userlevel 7
Badge +58

@chelsgrove - sorry to see this happening.  The bots have saved the destination URL of the Form (where the form submits to), so disabling the page probably won’t hide it unless you also disable the Form. This is probably restated in Taylor’s post and elsewhere, but this is what we do if we get blasted by bots:  

  • Create a New List for this bot filtering process
  • Enable Double-Optin on that New List
  • Clone over any List triggered Flows (e.g. Welcome Series) to be triggered off this New List in case any normal subscribers sign up in the mean time.
  • Change the List of the embedded Signup Form to the New List from the main List temporarily. 
  • Wait X days, sort of depends on how persistent they are…
  • Disable Double-Optin to see if the bot is still attacking the Form
  • If everything has subsided, you can then point the Form back to your Main List.

But long term solution is to also add in ReCaptcha, but that requires a legacy HTML form and some development work.  

Userlevel 6
Badge +21

Thanks for the clarification @retention I didn’t know that about the legacy forms.