Without you having to do a thing, Convert Forms is already protecting you from form spam submissions. Since version 2.1.0 a honeypot field is added to each form by default.
Well, it has nothing to do with a cute bear. A honeypot is a field designed to catch spammers in the same way an actual pot of honey would catch flies. It's just a hidden field placed into every form and it's designed to make form submission fail if anything is entered into it.
The vast majority of spam submissions come from automated programs called spam bots. When they see a form, they are programmed to fill in every field. And, since they can't tell a honeypot from a normal field, the honeypot gets filled in and the form submission fails.
Where can I find the Honeypot option?
The Honeypot Anti-Spam protection is by default enabled on every single form. In case you'd like to make sure it's enabled, edit your form, click on the Behavior panel from the left toolbar and make sure the Enable Anti-Spam Honeypot option is set to Yes as shown in the picture below.
Honeypots are highly effective and used by web security experts around the globe. There's a high probability that Convert Forms' native honeypot feature is all you need to prevent the majority of form spam.