Hello @AlanO80 ,
I'm really not sure what someone "hacking your site" has to do with us since we don't handle site management. If you feel as though it's too easy for someone to gain access to your site by simply signing up for emails, then logically you'd want to work with your site builder to make your site either require an account login, or you'd need to find some other means of tightening access to it. Having it accessible by simply entering an email address isn't really a best practice if you're trying to keep your site from being normally viewable.
Spam email submissions in the way you describe, if they avoid the reCaptcha triggers, are exceedingly unlikely to be actually managed by real people. The point of Confirm-Opt-In is to 1) ensure that the email addresses being submitted are legitimately wanting your emails (i.e. not someone submitting another person's address), and 2) to protect you from getting bogus or non-permissible addresses that bloat your pricing, and unsub/spam stats, since the confirmations must be manually approved.
... View more
