Just to add to David’s answer and list a couple of other options:
In case you are dealing with authenticated users, there is also the option to send auth tokens to the collector as a context entity and validate the tokens using the JS Enrichment or the API Enrichment. This would also enable you to enrich the events with additional user data based on the auth token.
Another option is to implement the reCaptcha API to validate data attached to each event as proposed in this reCaptcha v3 enrichment RFC.