Its a very normal case at present.those bot attacks are quite impossible to stop.capcha & proof of authencation etc are useless method to get rid of those attack.even temporary stopping the bounty registration form, wouldn't going to work cause after resume the google form, bot attack keep happening continueously. So manager can't do anything without removing those bot manually from the spreadsheet.
You are mistaken, it is possible to create dynamic answers to questions and therefore the fraudster will not be comfortable and he will abandon his idea. Scammers are looking for inexperienced managers and make an attack