Ensure that public forms that capture information are protected from spammers by building a CAPTCHA into the form, which verifies that a human is entering the data.
Bots and other spammer malware can spam public forms - for example, forms that you've built with Visualforce on Force.com Sites. As a result, you will be overwhelmed with bad data, and potentially a lot more - for example these attacks could cause a denial of service event.
A CAPTCHA is a challenge-response test used in applications to determine whether a human or a computer is interacting with the application. You've probably seen them — colorful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from "bots," or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.
To add CAPTCHA to your forms, follow the tutorial here.