All the time. You will never get rid of this stuff 100% because every time you block one method someone finds another one that gets through. I do want to ask though if your spam is coming through your form or if it's just coming to the email address you put in the HTML of your form? Either way it is easy to block but the methods are different.
Any page that is accessible via the web without any preprocessing can be viewed or automatically scanned. If the scanned page has what looks like an email address then the address can be captured and used for any purpose (SPAM). To protect yourself or your site from this type of abuse you can do many things. The simplest thing to do is just encode the email address so that it still works but does not appear as a normal text emailaddress.
There are literally thousands of sites like this one explaining how it is done. http://rumkin.com/tools/mailto_encoder/
The thing to also keep in mind is not to provide any clue that you are using some sort of encoding. For example do not use comment blocks to make note of the section holding the encoded email
<noscript>You need JavaScript to see my email address</noscript>
This is a dead givaway and tells the scanner how to decode your script and find the email address.
Enjoy!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have been recently spammed by "phentermine overnight" and "viagara" ads. It looks like some kind of bot. Has anyone else seen this?
All the time. You will never get rid of this stuff 100% because every time you block one method someone finds another one that gets through. I do want to ask though if your spam is coming through your form or if it's just coming to the email address you put in the HTML of your form? Either way it is easy to block but the methods are different.
Any page that is accessible via the web without any preprocessing can be viewed or automatically scanned. If the scanned page has what looks like an email address then the address can be captured and used for any purpose (SPAM). To protect yourself or your site from this type of abuse you can do many things. The simplest thing to do is just encode the email address so that it still works but does not appear as a normal text emailaddress.
There are literally thousands of sites like this one explaining how it is done.
http://rumkin.com/tools/mailto_encoder/
The thing to also keep in mind is not to provide any clue that you are using some sort of encoding. For example do not use comment blocks to make note of the section holding the encoded email
<noscript>You need JavaScript to see my email address</noscript>
This is a dead givaway and tells the scanner how to decode your script and find the email address.
Enjoy!