Hi Adam – Thanks so much for the detailed response. Here are some of the answers to your questions.
1. I drew this conclusion because if I look at the analytics 90% of the spam gets saved in the form, but doesn’t reach the thank you page (where it would be saved as a conversion). I suppose another possibility is the spam is getting past the captcha and other measures I have in place but clicks off after the submission has been completed but before the thank you page has had a chance to load. We’ve been getting several spam submissions per day, but we usually only see conversions for legitimate submissions.
2. I did not see your submission, so I suppose this supports the idea the spam is actually making it past the recaptcha.
3. It had previously been marked “mark as spam”. I just changed it to fail the submission.
4. Yes, the website is built on divi running on wpengine.
5. https://pastebin.com/1NmwgwtV
