I am experiencing something I have not seen before... Stated simply, somehow you can enter anything into the security code field (and now the answer field and the form still submits).
As such I have started receiving a lot of spam from this client web page. contact-us/
I first added into the form the additional security question of answer. But it does not seem to matter what is entered into this field and it still "validates". If all fields are filled out. The form still submits and generates the email.
I have attached the code for the page. For you too look at. Any ideas would be appreciated!