You could use client side JavaScript but most spambots can run script too so it’s not effective like it once was. If you are going to expose an address just use a good antispam client or user a server that has great protection. You will still get spam, just not as much.
Do you feel that Gsuite and webflow offer enough protection against spam and phishing attacks or do we need extra protection?
Also, can you please tell me if this is a fact or a myth: if you put your email on a website and it is going to be harvested by spam bots, can they use your email to phish your clients? Like a client will think I asked for something because it seems to be sent by me or it doesn’t actually work that way?
Google gmail has good spam protection. Webflow does not provide email services so it is not a factor.
Can people with email boxes be phished? Yes, once the address has been made public or is easily guessed phishing becomes a possibility. This has nothing to do with Webflow and is better researched online, not in these forums.
If you are talking about forms, I recommend using reCaptcha. Webflow does not “filter” form submissions.
Don’t click on suspicious links in email or texts it may allow the spammers to steal your details. If you don’t want to create trouble so just avoid such links. Apart from that, most of the people are unaware of Subscription Bombing and it happens when an email address of a victim is harvested from the web resulting in a heap of unwanted messages. For the deep knowing about “Subscription bombing” take a quick view at this relevant article.