Secure Your Assets Without Building a Prison Yard
You secure assets by using an AI agent to monitor activity in real-time. The agent learns normal patterns and flags suspicious behavior without visible security.
This is not about physical furniture. It is about protecting your business processes, like lead forms or customer support channels, from spam and fraud. Standard security measures often create friction for legitimate customers, like forcing them to solve a puzzle just to contact you. An AI approach works silently in the background.
We built a filtering system for a 15-person law firm that received over 400 spam contact form submissions a month. The AI agent, deployed in two weeks, now blocks 99% of junk submissions automatically. This saved their administrative staff over 5 hours of manual email filtering every week.
What Problem Does This Solve?
Most businesses start by adding a Google reCAPTCHA to their forms. This immediately introduces friction for every visitor and can decrease conversion rates by up to 4% as users abandon the form. It punishes legitimate prospects to deter bots, which is a poor trade-off. Worse, sophisticated bots can now solve basic CAPTCHAs, rendering them ineffective.
Next, teams try platform-specific tools like Akismet for WordPress. These services use shared blocklists and simple keyword filters. The problem is they are generic. An inquiry that is spam for an e-commerce store might be a legitimate lead for a local service business. Akismet's black-box nature means you cannot tune it for your specific lead profile, leading to legitimate inquiries ending up in the spam folder.
A 25-person home services company we spoke with had this exact issue. They were paying for ads driving traffic to a landing page, getting 300 leads a month. But 150 were spam. After adding a CAPTCHA, total submissions dropped to 210, but 100 were still spam. They lost 40 real leads and still wasted 4 hours a week deleting junk from their CRM.
How Does It Work?
We start by analyzing your last 6-12 months of historical form submissions. Using the Claude API, we process the text content, submission timestamps, and IP data to engineer features that separate legitimate inquiries from spam. This requires a minimum of 500 historical submissions with a clear 'spam' or 'legit' classification.
With this data, we train a custom classification model in Python using scikit-learn. The model learns the specific linguistic patterns of your valid leads versus common spam tactics. This model is then wrapped in a lightweight FastAPI application, creating a secure API endpoint for your website to call. The entire system is deployed on AWS Lambda for high availability and low cost.
When a user submits your contact form, a webhook sends the data to our API. The model analyzes the submission and returns a spam score between 0 and 1 in under 200 milliseconds. Submissions scoring below 0.2 are discarded. Those above 0.8 are sent directly to your sales team's inbox or CRM. Borderline submissions are routed to a 'manual review' folder, ensuring no real lead is ever lost.
We log all predictions and scores to a Supabase database for monitoring. A simple dashboard shows real-time spam-blocking rates and model accuracy. If the rate of false positives (real leads flagged as spam) exceeds 1% for 48 hours, an automated alert is sent, and we retrain the model on the most recent data. Monthly hosting costs for this entire infrastructure are typically under $25.
What Are the Key Benefits?
Invisible to Customers, Impenetrable to Bots
Your forms have no CAPTCHAs. Real customers get a smooth experience while 99% of automated spam is blocked before it ever reaches your team.
One-Time Build, No Per-Submission Fees
We deliver a complete system for a fixed price. You avoid the recurring monthly costs of SaaS security tools that penalize you for growing your lead volume.
You Own the Code and the Model
We deliver the full Python source code and trained model files to your company's GitHub repository. You are never locked into our service.
From 5 Hours of Triage to 15 Minutes
One client reclaimed over 240 hours of administrative time per year by eliminating manual spam filtering from their team's daily workflow.
Connects Directly to Your CRM
The system integrates with any tool that supports webhooks, including HubSpot, Salesforce, and Pipedrive, routing leads exactly where they need to go.
What Does the Process Look Like?
Data Audit (Week 1)
You provide a CSV export of past form submissions. We analyze the data and deliver a quality report confirming the viability of a custom model.
Model Development (Week 2)
We build and test the classification model. You receive a performance summary detailing its accuracy against your historical spam patterns.
Deployment and Integration (Week 3)
We deploy the scoring API on AWS Lambda and provide a webhook URL. You receive documentation and a runbook for the live system.
Live Tuning and Handoff (Weeks 4-6)
We monitor live performance for two weeks to fine-tune the scoring threshold. You receive weekly reports before the final handoff.
Frequently Asked Questions
- How much does a custom spam filtering system cost?
- Pricing is a fixed, one-time fee based on the number of forms and complexity of your data. It is not a recurring subscription. We can provide a detailed quote after a 30-minute discovery call to understand your specific needs. The goal is a system that pays for itself in reclaimed staff time within the first year.
- What happens if the system blocks a real lead?
- This is called a false positive, and our primary goal is keeping this rate below 1%. The system is designed to be conservative; submissions with borderline scores are not deleted but are sent to a 'for review' queue. This ensures a human can always perform a final check on ambiguous inquiries, so you never lose a valuable lead.
- How is this better than Cloudflare's Bot Fight Mode?
- Cloudflare blocks bots at the network level based on IP addresses and browser behavior, which is a great first defense. Our system works at the application level, analyzing the *content* of the message itself. It catches sophisticated spam from attackers who use clean IPs and browsers but send formulaic, low-quality messages. The two systems work well together.
- What if spammers change their tactics?
- Model drift is expected. The system includes a simple retraining pipeline. Once a quarter, you can provide a fresh export of recently classified leads, and we run a script that updates the model. Our optional flat-rate monthly maintenance plan includes us managing this retraining process for you so the system stays effective.
- Can this system be used for more than just contact forms?
- Yes. The underlying technology is a custom text classifier. We have adapted this exact approach to filter spam from blog comments, triage inbound support tickets by identifying keywords for urgency, and automatically disqualify junk leads from chatbot conversations. If the input is text, we can build a model to classify it.
- What level of access to our systems do you need?
- We never need administrator access to your CRM or website. To start, you provide a one-time data export (CSV file). For deployment, you simply add a webhook URL, which we provide, into your form's settings panel. All data processing and model hosting happens within a secure AWS environment managed entirely by Syntora.
Related Solutions
Ready to Automate Your Small Business Operations?
Book a call to discuss how we can implement ai automation for your small business business.
Book a Call