Just to add another reason why captchas are useful - a platform I operate was recently targeted by stolen CC testers that registered thousands of accounts to make the cheapest possible purchase on our site. I had to deal with the fallout, taking dozens of calls from angry people, refunding the transactions (of course you lose the transaction fee) etc. The only way to effectively stop them was a captcha on the checkout, and this is also what our payment processor, PayPal, required we do to reinstate our account. There's no other signal that can be used, user agent was random, IP was random etc.