
Technical Support Forums

Major problem with contact form and captcha getting attacked

Thread began 5/04/2014 5:05 am by bryan107833 | Last modified 5/08/2014 10:39 am by Jason Byrnes | 3200 views | 9 replies |

bryan107833

Major problem with contact form and captcha getting attacked

My host has now blocked my contact page due to attack of the captcha image. I have attached the file and hope you can help ASAP. Thank you.

From host -
The script/page seems to have some recursive problem or other.
Because it seems like when a connection is made there is this massive
amplification of PHP processes (contact.php and
/WA_ValidationToolkit/WAVT_CaptchaSecurityImages.php back and forth)


Jason Byrnes (WebAssist)

Please provide a Skype username or a US phone number and a good time to contact you when you will be in front of your computer and we will have an engineer contact you to resolve this issue over the phone.

We are available Monday - Friday from 9am - 4pm EST (except major U.S. holidays).


bryan107833

Below is number. I am available this afternoon at 3:30 to 4:00 or tomorrow between 9 and 11:00. Thank you.


Jason Byrnes (WebAssist)

I have forwarded your contact info to Ray. He should be contacting you today or tomorrow to look into the problem.


bryan107833

This is a big issue as the contact form has been disabled from my server due to this abuse. Please contact me ASAP. If you can not call today I should be available tomorrow from 1:00 - 4:00. Thank you.

Any idea when I might get a call? Thank you.


Jason Byrnes (WebAssist)

I have forwarded your message to Ray and asked him to contact you today.


bryan107833

Just letting you know that I have spoken with Ray and I am waiting for some additional information from my hosting company. Thank you.


Jason Byrnes (WebAssist)

Ok, you're welcome.


bryan107833

Here is the response from my server. (Remember I am only quoting their response.)

----------------------------------------
How old are these scripts would be my first question?

I believe I saw 2010 on many.
It's possible hackers are attempting to break in through some known
exploit in this script set.

Personally I'm not seeing that the contact form is doing these folks much
favors.
Why not just set a text only page with reference to phone numbers and
email contact address (saving everyone a lot of time)?

Nowadays most people know how to type email addresses (not like the old
days when we first started and felt people were so dumb they needed a form
with a submit button. :)

I've added some log info bottom of this email, but here's the thing. When
the script was bringing down the server, there were only a few connections
as well. This leads me to believe there is something wrong in the
scripting somewhere.

-----Original Message-----

./calicosmetics.com:192.73.236.70 - - [08/May/2014:05:37:39 -0700] "GET
/contact.php HTTP/1.0" 404 7581 "https://www.calicosmetics.com/"
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com:192.73.236.70 - - [08/May/2014:05:37:40 -0700] "GET
/product.php?PL=Oliva%20Green&PN=Baci HTTP/1.0" 200 8096
"https://www.calicosmetics.com/contact.php" "Mozilla/5.0 (compatible; MSIE
9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com:117.26.201.131 - - [08/May/2014:05:52:26 -0700] "GET
/contact.php HTTP/1.1" 404 7581 "-" "Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.1; SV1)"
./calicosmetics.com:74.221.212.33 - - [08/May/2014:07:40:01 -0700] "GET
/contact.php HTTP/1.0" 404 7581 "https://www.calicosmetics.com/"
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com:74.221.212.33 - - [08/May/2014:07:40:25 -0700] "GET
/product.php?PL=Oliva%20Green&PN=Baci HTTP/1.0" 200 8096
"https://www.calicosmetics.com/contact.php" "Mozilla/5.0 (compatible; MSIE
9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com-ssl_log:192.73.236.70 - - [08/May/2014:05:37:39 -0700]
"GET /contact.php HTTP/1.0" 404 7581 "https://www.calicosmetics.com/"
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com-ssl_log:192.73.236.70 - - [08/May/2014:05:37:40 -0700]
"GET /product.php?PL=Oliva%20Green&PN=Baci HTTP/1.0" 200 8096
"https://www.calicosmetics.com/contact.php" "Mozilla/5.0 (compatible; MSIE
9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com-ssl_log:74.221.212.33 - - [08/May/2014:07:40:01 -0700]
"GET /contact.php HTTP/1.0" 404 7581 "https://www.calicosmetics.com/"
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
./calicosmetics.com-ssl_log:74.221.212.33 - - [08/May/2014:07:40:25 -0700]
"GET /product.php?PL=Oliva%20Green&PN=Baci HTTP/1.0" 200 8096
"https://www.calicosmetics.com/contact.php" "Mozilla/5.0 (compatible; MSIE
9.0; Windows NT 6.1; Trident/5.0)"

-------------------------------
I hope this helps.


Jason Byrnes (WebAssist)

"How old are these scripts would be my first question?"

When did you create the contact form? With what version of Form Builder?

My first question would rather be:
When the form is being accessed like this, are you getting emails through?

If not, then as the host tech said, they may be trying to find a vulnerability, but are not succeeding.

That log shows that there are 3 IP addresses accessing the page:

192.73.236.70
74.221.212.33
117.26.201.131

You could use HTAccess to prevent access to your site from those IPs:
http://www.htaccess-guide.com/deny-visitors-by-ip-address/
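
The per-IP tally read off the host's log above, plus a block list of the kind suggested, as an added example that is not part of the original thread or WebAssist's code. The sample lines are constructed (documentation IP ranges, example.com), the function names are hypothetical, and the output uses Apache 2.4 `Require not ip` syntax; status codes are reported next to the counts so it is visible whether the requests were actually served.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample (documentation IPs, example.com) in the shape of the host's
# grep output: "<logfile>:<ip> - - [time] "request" status bytes "referer" "agent"".
SAMPLE = """\
./example.com:192.0.2.70 - - [08/May/2014:05:37:39 -0700] "GET /contact.php HTTP/1.0" 404 7581 "https://www.example.com/" "Mozilla/5.0"
./example.com:192.0.2.70 - - [08/May/2014:05:37:40 -0700] "GET /product.php?PN=Baci HTTP/1.0" 200 8096 "https://www.example.com/contact.php" "Mozilla/5.0"
./example.com:203.0.113.131 - - [08/May/2014:05:52:26 -0700] "GET /contact.php HTTP/1.1" 404 7581 "-" "Mozilla/4.0"
./example.com:198.51.100.33 - - [08/May/2014:07:40:01 -0700] "GET /contact.php HTTP/1.0" 404 7581 "https://www.example.com/" "Mozilla/5.0"
./example.com-ssl_log:192.0.2.70 - - [08/May/2014:05:37:39 -0700] "GET /contact.php HTTP/1.0" 404 7581 "https://www.example.com/" "Mozilla/5.0"
./example.com-ssl_log:198.51.100.33 - - [08/May/2014:07:40:01 -0700] "GET /contact.php HTTP/1.0" 404 7581 "https://www.example.com/" "Mozilla/5.0"
"""

LINE = re.compile(
    r'^(?:(?P<file>[^\s:]+):)?(?P<ip>[0-9.]+) \S+ \S+ \[[^\]]+\] '
    r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')


def summarize(text, target="/contact.php"):
    """Return {ip: (hits, [statuses])} for requests to `target`."""
    per_file = defaultdict(int)      # (logfile, ip) -> hits
    statuses = defaultdict(set)      # ip -> status codes seen
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or m["path"].split("?")[0] != target:
            continue
        per_file[(m["file"], m["ip"])] += 1
        statuses[m["ip"]].add(int(m["status"]))
    hits = defaultdict(int)
    for (_, ip), n in per_file.items():
        # Assumption: the -ssl_log file mirrors the plain log, as in the
        # thread's excerpt, so take the per-file maximum instead of summing.
        hits[ip] = max(hits[ip], n)
    return {ip: (hits[ip], sorted(statuses[ip])) for ip in hits}


def deny_rules(ips):
    """Render an Apache 2.4 .htaccess block ('Deny from <ip>' on 2.2)."""
    valid = sorted(str(ipaddress.ip_address(ip)) for ip in ips)  # rejects junk
    rules = "".join(f"    Require not ip {ip}\n" for ip in valid)
    return "<RequireAll>\n    Require all granted\n" + rules + "</RequireAll>\n"


if __name__ == "__main__":
    report = summarize(SAMPLE)
    for ip, (n, codes) in sorted(report.items()):
        print(f"{ip}: {n} request(s) to /contact.php, status {codes}")
    print(deny_rules(report))
```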
