# I Tested Spam Protection on Formspree vs Formgrid. The Results Were Surprising. > Source: > Published: 2026-05-22 16:12:14+00:00 If you use Formspree to handle your HTML form submissions, you may have noticed something frustrating lately. Spam is getting worse. And Formspree is not stopping it. I ran a simple test last week that confirmed what many Formspree users are already experiencing. Here is exactly what happened. I set up two identical contact forms. One pointing to a Formspree free plan endpoint. One pointing to a Formgrid free plan endpoint. Then I submitted this spam to both: Name: 💰 Top Up 36,824.92 USDC ⇒⇒ graph.org/BALANCE-3682444-USD-04-21-3?hs=a4973c2d49735de24405dc4e9935f590& 💰 Email: oijm2lwwnxhwqn@wshu.net Message: dxospb This is a real spam submission. Not something I made up. It was submitted to a real business contact form on 20 May 2026 at 8:26 AM. The submission went straight to the inbox. No filtering. No blocking. The business owner received the full spam email notification with the cryptocurrency scam content, the disposable email address, and the random gibberish fields. This is a Formspree free plan limitation. Spam filtering is not included on the free plan. Every submission, regardless of content, goes directly to your inbox. For a solo developer or small business owner, this is annoying. For a team like a counselling service or a professional services firm, receiving this kind of content in a shared inbox is genuinely disruptive. Nothing arrived. The submission was silently blocked before it ever reached the inbox. No email notification. No lead created in the dashboard. The spam never existed as far as the form owner was concerned. Formgrid detected multiple red flags in the submission automatically: Emoji in the name field: 💰 symbols are not legitimate names Cryptocurrency content: USDC and balance transfer patterns are known spam signals Disposable email address: wshu.net is a known throwaway email domain URL in the name field: graph.org link embedded in what should be a name field Gibberish fields: yp574z, uujdgc, and dxospb are random character strings not legitimate data Arrow patterns: ⇒⇒ is a common spam formatting pattern used in crypto scam submissions All of these checks run automatically on every Formgrid form on every plan, including free. The form owner never configured anything. The spam was blocked without any action required. Most contact forms collect inquiries from real people with real problems your business can solve. When spam floods your inbox, it buries those real inquiries. A counselling service receiving cryptocurrency scam content in their team inbox is not just annoying. It is inappropriate and disruptive to their workflow. A small business owner checking their form submissions and seeing spam instead of genuine leads is wasting time and losing confidence in their tools. Form spam is not a minor inconvenience. It directly affects your ability to respond to real customers quickly. Formspree has been around since 2012. Their free plan has always had limited spam protection. As bots become more sophisticated, the gap between what Formspree filters and what actually gets through continues to widen. Their paid plans at $15 per month include reCAPTCHA and additional spam filtering. But that means paying $15 per month just to stop obvious spam that should never reach your inbox in the first place. Formgrid runs platform level spam checks on every single submission across every form on the platform automatically. These checks cannot be disabled and apply to every plan, including free. The checks include: Emoji detection in name fields. Legitimate names do not contain cryptocurrency symbols or emoji. Disposable email domain blocking. A database of known throwaway email services like wshu.net, yopmail.com, and mailinator.com is blocked automatically. URL detection in name fields. Real names do not contain links. If a name field contains a URL, it is spam. HTML injection blocking. Any submission containing HTML tags like anchor links or script tags is silently filtered. Gibberish field detection. Random character strings in fields that should contain readable text are flagged automatically. Cryptocurrency and casino keyword filtering. Known spam content patterns are matched and blocked before reaching your inbox. Arrow pattern detection. Spam formatting patterns like ⇒⇒ used in crypto scam submissions are detected and blocked. All of this runs silently. The spammer receives a successful response, so they never know they were blocked. You never see the submission. Your team never sees the content. Switching takes about 5 minutes. Your existing form HTML does not change. Your fields stay the same. Only the action URL changes. From this:
To this: One line. Five minutes. No more spam in your inbox. Formgrid is free to start with no credit card required. Spam protection is included on every plan, including free. If you are currently on Formspree and tired of spam reaching your inbox, give Formgrid a try. The switch takes 5 minutes, and your team will never see cryptocurrency scam content in their inbox again.