If it's just a contact form on some random site that isn't particularly valuable to spammers, a bespoke solution like hidden input fields, obfuscation, or some kind of token calculated client-side by JS will probably work just as well.
That used to be the case, unfortuantely today even bespoke solutions can be completed by automation - any anything that just requires running JS in a headless browser was ineffective for a long time already.