https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/838934#M66743 <P>Do you know if there is any way apart from recapthcha to limit the submits in a form? We have been having massive attacks on the checkout of our products to test cards. Apparently they found a way to bypass recaptcha security.</P> Wed, 23 Aug 2023 14:48:37 GMT codaz 2023-08-23T14:48:37Z https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/838934#M66743 <P>Do you know if there is any way apart from recapthcha to limit the submits in a form? We have been having massive attacks on the checkout of our products to test cards. Apparently they found a way to bypass recaptcha security.</P> Wed, 23 Aug 2023 14:48:37 GMT https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/838934#M66743 codaz 2023-08-23T14:48:37Z https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/839098#M66753 <P>Hey&nbsp;<a href="https://community.hubspot.com/t5/user/viewprofilepage/user-id/617987">@codaz</a>,</P> <P>&nbsp;</P> <P>You should also enforce strong server side validation to prevent any sort of malicious submissions. For instance you could use some sort of RegEx (Regular Expression) to make sure the card number is in fact an actual card number and not a test card. If it is not simply prevent the submission.&nbsp;</P> <P>&nbsp;</P> <P>Some common regular expressions taken from <A href="https://stackoverflow.com/questions/9315647/regex-credit-card-number-tests" target="_blank" rel="noopener">this stackoverflow post</A> include:</P> <P>&nbsp;</P> <LI-CODE lang="markup">Amex Card: ^3[47][0-9]{13}$ BCGlobal: ^(6541|6556)[0-9]{12}$ Carte Blanche Card: ^389[0-9]{11}$ Diners Club Card: ^3(?:0[0-5]|[68][0-9])[0-9]{11}$ Discover Card: ^65[4-9][0-9]{13}|64[4-9][0-9]{13}|6011[0-9]{12}|(622(?:12[6-9]|1[3-9][0-9]|[2-8][0-9][0-9]|9[01][0-9]|92[0-5])[0-9]{10})$ Insta Payment Card: ^63[7-9][0-9]{13}$ JCB Card: ^(?:2131|1800|35\d{3})\d{11}$ KoreanLocalCard: ^9[0-9]{15}$ Laser Card: ^(6304|6706|6709|6771)[0-9]{12,15}$ Maestro Card: ^(5018|5020|5038|6304|6759|6761|6763)[0-9]{8,15}$ Mastercard: ^(5[1-5][0-9]{14}|2(22[1-9][0-9]{12}|2[3-9][0-9]{13}|[3-6][0-9]{14}|7[0-1][0-9]{13}|720[0-9]{12}))$ Solo Card: ^(6334|6767)[0-9]{12}|(6334|6767)[0-9]{14}|(6334|6767)[0-9]{15}$ Switch Card: ^(4903|4905|4911|4936|6333|6759)[0-9]{12}|(4903|4905|4911|4936|6333|6759)[0-9]{14}|(4903|4905|4911|4936|6333|6759)[0-9]{15}|564182[0-9]{10}|564182[0-9]{12}|564182[0-9]{13}|633110[0-9]{10}|633110[0-9]{12}|633110[0-9]{13}$ Union Pay Card: ^(62[0-9]{14,17})$ Visa Card: ^4[0-9]{12}(?:[0-9]{3})?$ Visa Master Card: ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14})$</LI-CODE> <P>&nbsp;</P> <P>If I were you I would look to incorporate some sort of check to ensure card numbers match the corresponding regular expressions. If not reject the submission.</P> <P>&nbsp;</P> <P>I hope this helps!</P> Wed, 23 Aug 2023 18:18:52 GMT https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/839098#M66753 coldrickjack 2023-08-23T18:18:52Z https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/1243196#M86604 <P class="">We were dealing with the exact same mess at my company. It was killing our lead data and making our paid channel ROAS look way off.</P><P class="">&nbsp;</P><P class="">We actually started using <STRONG>Formwatch.ai</STRONG> in 2025.&nbsp;It’s been a game-changer for our lead quality and has reduced our spam volume to basically zero. The biggest win for us was getting rid of ReCAPTCHA, which was tanking our conversion rates.</P><P class="">&nbsp;</P><P class="">If you’re still trying to clean up your CRM, it might be worth a look: <A href="https://www.formwatch.ai/" target="_blank" rel="noopener"><SPAN class="">https://www.formwatch.ai/</SPAN></A>. Happy to chat about how we set it up if that helps!"</P> Tue, 20 Jan 2026 02:15:59 GMT https://community.hubspot.com/t5/APIs-Integrations/Recaptcha-is-not-stopping-spam-submits/m-p/1243196#M86604 TMarc8 2026-01-20T02:15:59Z