You're assuming the client/employer can actually distinguish between the two. I'm not sure that's the case for many jobs.
The end result, spam disappeared and we didn't add much pain to our customers.
Most spammers likely don't go check every website to see how they can break the captcha, they just set up a script to go fill out forms and submit them.
They're solution, while not being the "awesome, technologically advanced solution", if it prevented spam, was a working solution without the complexity of actual captchas.
Furthermore, as captchas have been known to be broken, who's to say that the spammers tool doesn't recognize valid, commly-used captchas and break them automatically? As opposed to a field that says "Type the following word", which the spammers don't (can't easily?) check for.
When CAPTCHA is just simulated on the client, then it's clear indication of malicious intent (of getting paid for faking real job).
That said, CAPTCHA should not be used at all. But torturing users with CAPTCHA while allowing bypass access to bots is more advanced level of evil.
Usually scammers treat their victims as customers and wish them well.
In this particular example it was combination of technical incompetence [not being able to deliver proper CAPTCHA] with scam [of getting paid for project that did not deliver on promise].
That doesn't excuse the programmer. As a web programmer, it is, to some extent, their job to know when they're out of their league. But second-order knowledge can be a rare skill.
Don't believe me?
Think about how often you see obvious SQL injection problems - the same (lack of!) thought process is responsible for both.