- FREE MA GUIDE & CHECKLIST -

The issue of click bots and how to overcome them

The simple steps you can take to protect yourself against click bots.

- FREE MA GUIDE & CHECKLIST -

The issue of click bots and how to overcome them

0%
of clicks might be bots (are you?)
Spam bot scanners protect many of us at home and work, clicking one or more links in every email sent to us to decide if it’s safe from phishing scams, before being allowed to deliver to our inboxes for us to open.

 

In this guide we're exploring

  • What are email click bots?
  • How does it affect you?
  • What you can do to mitigate the effects?

The problem for email marketers is we can no longer trust open and click data at all. How is a marketer to know if a real person engaged with our email or not? Click scoring is broken and we have a false sense that our emails are working, yet lose face with sales when investigating individual cases.

All the major players in the marketing automation space continually rack their brains in looking for effective solutions. Most recently Pardot announced a product update at the turn of 2019 that filters out clicks from the most commonly-known security scanners, but the problem still largely prevails.

I’m here to tell you the good news… there’s a few simple steps you can implement in your marketing automation platform to proof against these click bots. I’ll demonstrate the setup in Marketo, but the concepts are still transferrable to alternative platforms.

 


1. Limit Scoring Frequency

This one’s a no-brainer. If you haven’t already, set a limit on scoring of email clicks to a maximum of once per hour. This will limit the damage spam bots from wrongly generating MQLs, by capping the score increase to only a few points per email send, rather than multiplying that increase by all the links in the email.

From a lead nurturing perspective, I see no issue in this cap on clicks. Traditionally salespeople are reluctant to accept MQLs on the basis of high email click-activity, so focusing on higher-engagement activities should be seen as a positive.

2. Bait Links

I’m not a fan of hidden links in emails, such as a white box image that’s been embedded with a URL so recipients can’t visually see it.

In theory, they’re put there because you know anyone who clicks it is actually a bot just clicking every link it scans - since why would any person click it?

However, many spam filters lookout for these hidden links as a flag to mark an incoming email as marketing spam, so you’re just exacerbating the original problem.

Therefore, have a think about the operational emails you’re already putting into every email that you wouldn’t expect any recipient to click regularly. Privacy policy and social links are great example of this.

Once you’ve identified any or all of these, set up a smart campaign that looks up anybody who’s clicked multiple operational links in a recent time period (such as one month).

You can set this smart campaign to recurring with the action of adding all suspects to a ‘Spam Bot Suspects’ list to contain them all together.

There is then one of two actions to choose from with this list:

A -Add it as an exclusion to all email campaigns 

B -Continue to include them in email campaigns, but as an exclusion list on all reporting.

Option B would be the recommended option because you shouldn’t stop nurturing any account on the basis that they’ve implemented a spam filter and by excluding them from sends completely, you’re eliminating the opportunity of individuals engaging with the content, or even requesting to get in touch with sales.

3. Include Only Clicks That Follow An Open

This one’s a bit more controversial and I’d actually recommend avoiding implementation. The idea is that, if it’s not preceded by the email being opened, the click activity is ignored or the email address would be added to the ‘Spam Bot Suspects’ list - since the spam bot scanners generally only click emails and do not open them.

However, open rates are never totally reliable because they depend on an embedded graphic pixel being loaded on the reader’s browser to capture the open, which doesn’t always happen, yet the subsequent email clicks may be genuine and captured accurately.

Therefore, if missing open activity is used as a trigger for click bot activity, it’s susceptible to discounting real click activity. At the very least, Steps 1 & 2 should be implemented in isolation for a period of time before considering Step 3.

4. Discount Simultaneous Deliveries and Clicks

Whilst not available in the basic setup of tools like Marketo, with a third party plugin, you can pull a view of instances where deliveries and clicks take place in the same minute - which would suggest click bot activity. It’s highly unlikely that an email would be delivered, opened, read and then clicked within the same minute, so multiple instances of this on the same individual’s record is sufficient to add them to the ‘Spam Bot Suspects’ list.

If the issue of click bot activity is a often raised in your organisation and you’ve lost confidence from sales in the quality of MQLs, this is most certainly worth the investment for the most concrete measure available of what is click bot activity.

5. Automatic Domain Tagging

The steps offered so far allow you to develop the right setup for your company in terms of what should constitute ‘Spam Bot Suspect’ records. Once you have this, to keep it evergreen and ensure any new records entering the database with the same domain are automatically added to the same list, you can set up a trigger campaign that automatically adds new leads who enter the database with an offending email domain, straight onto the list. This avoids them having to fall into the trap themselves, since you’re predicting they will on the basis of the email domain.

This will require a small routine task (such as on a quarterly basis) to lookup any new email domains that have been added to the ‘Spam Bot Suspects’ list for the first time in the last period (quarter) to ensure they’re automatically captured moving forward.

6. Retesting Domains

Your reputation as an email sender constant changes, as do the parameters of what a filter considers spam, so it’s always advisable to review what you’ve previously marked as ‘Spam Bot Suspects’ to see if the click activity has changed since.

A simple, time-saving way to do this is to run a report on email addresses within this list that have been emailed recently, yet no click activity has been recorded. Upon further investigation of these records, it may be that some domains can be white listed again.

7. Scoring Penalty

The final thing to consider is the penalty for any email address that falls into your trap and gets added to the ‘Spam Bot Suspects’ list.

To be on the safe side, you could simply reset their score on the basis that you can’t really drill down into how much of the activity is genuine up to the point that click bot activity has been recognised.

I would instead however recommend a more conservative reduction, such as -10, to attribute for a couple of wrongly scored clicks rather than undo other possible high-value engagements. You can always see the impact and change the penalty score later.


Need more help with marketing automation?

Struggling for time, resource or expertise? This template is one of the many models and techniques our consultants use when helping clients develop their marketing automation and multi-channel campaigns.

If you have questions, want to bounce around some thoughts, ideas or questions then reach out to us at enquiries@protocol.global or connect with us on LinkedIn or Twitter @protocolglobal.

Download Your Free Excel Checklist Now

Image

We will email you a download link to your business email address (excludes Gmail, Outlook etc)

0%
of clicks might be bots (are you?)
Spam bot scanners protect many of us at home and work, clicking one or more links in every email sent to us to decide if it’s safe from phishing scams, before being allowed to deliver to our inboxes for us to open.


In this guide we're exploring

  • What are email click bots?
  • How does it affect you?
  • What you can do to mitigate the effects?
SWIPE UP to READ the How-To Guide

FIRST, DOWNLOAD YOUR ESSENTIAL CHECKLIST

Image

We will email you a download link to your business email address (excludes Gmail, Outlook etc)

ESSENTIAL GUIDE

Spam bot scanners protect many of us at home and work, clicking one or more links in every email sent to us to decide if it’s safe from phishing scams, before being allowed to deliver to our inboxes for us to open.

In this guide we're exploring

  • What are email click bots?
  • How does it affect you?
  • What you can do to mitigate the effects

The problem for email marketers is we can no longer trust open and click data at all. How is a marketer to know if a real person engaged with our email or not? Click scoring is broken and we have a false sense that our emails are working, yet lose face with sales when investigating individual cases.

All the major players in the marketing automation space continually rack their brains in looking for effective solutions. Most recently Pardot announced a product update at the turn of 2019 that filters out clicks from the most commonly-known security scanners, but the problem still largely prevails.

I’m here to tell you the good news… there’s a few simple steps you can implement in your marketing automation platform to proof against these click bots. I’ll demonstrate the setup in Marketo, but the concepts are still transferrable to alternative platforms.


1. Limit Scoring Frequency

This one’s a no-brainer. If you haven’t already, set a limit on scoring of email clicks to a maximum of once per hour. This will limit the damage spam bots from wrongly generating MQLs, by capping the score increase to only a few points per email send, rather than multiplying that increase by all the links in the email.

From a lead nurturing perspective, I see no issue in this cap on clicks. Traditionally salespeople are reluctant to accept MQLs on the basis of high email click-activity, so focusing on higher-engagement activities should be seen as a positive.

2. Bait Links

I’m not a fan of hidden links in emails, such as a white box image that’s been embedded with a URL so recipients can’t visually see it.

In theory, they’re put there because you know anyone who clicks it is actually a bot just clicking every link it scans - since why would any person click it?

However, many spam filters lookout for these hidden links as a flag to mark an incoming email as marketing spam, so you’re just exacerbating the original problem.

Therefore, have a think about the operational emails you’re already putting into every email that you wouldn’t expect any recipient to click regularly. Privacy policy and social links are great example of this.

Once you’ve identified any or all of these, set up a smart campaign that looks up anybody who’s clicked multiple operational links in a recent time period (such as one month).

You can set this smart campaign to recurring with the action of adding all suspects to a ‘Spam Bot Suspects’ list to contain them all together.

There is then one of two actions to choose from with this list:

A -Add it as an exclusion to all email campaigns 

B -Continue to include them in email campaigns, but as an exclusion list on all reporting.

Option B would be the recommended option because you shouldn’t stop nurturing any account on the basis that they’ve implemented a spam filter and by excluding them from sends completely, you’re eliminating the opportunity of individuals engaging with the content, or even requesting to get in touch with sales.

3. Include Only Clicks That Follow An Open

This one’s a bit more controversial and I’d actually recommend avoiding implementation. The idea is that, if it’s not preceded by the email being opened, the click activity is ignored or the email address would be added to the ‘Spam Bot Suspects’ list - since the spam bot scanners generally only click emails and do not open them.

However, open rates are never totally reliable because they depend on an embedded graphic pixel being loaded on the reader’s browser to capture the open, which doesn’t always happen, yet the subsequent email clicks may be genuine and captured accurately.

Therefore, if missing open activity is used as a trigger for click bot activity, it’s susceptible to discounting real click activity. At the very least, Steps 1 & 2 should be implemented in isolation for a period of time before considering Step 3.

4. Discount Simultaneous Deliveries and Clicks

Whilst not available in the basic setup of tools like Marketo, with a third party plugin, you can pull a view of instances where deliveries and clicks take place in the same minute - which would suggest click bot activity. It’s highly unlikely that an email would be delivered, opened, read and then clicked within the same minute, so multiple instances of this on the same individual’s record is sufficient to add them to the ‘Spam Bot Suspects’ list.

If the issue of click bot activity is a often raised in your organisation and you’ve lost confidence from sales in the quality of MQLs, this is most certainly worth the investment for the most concrete measure available of what is click bot activity.

5. Automatic Domain Tagging

The steps offered so far allow you to develop the right setup for your company in terms of what should constitute ‘Spam Bot Suspect’ records. Once you have this, to keep it evergreen and ensure any new records entering the database with the same domain are automatically added to the same list, you can set up a trigger campaign that automatically adds new leads who enter the database with an offending email domain, straight onto the list. This avoids them having to fall into the trap themselves, since you’re predicting they will on the basis of the email domain.

This will require a small routine task (such as on a quarterly basis) to lookup any new email domains that have been added to the ‘Spam Bot Suspects’ list for the first time in the last period (quarter) to ensure they’re automatically captured moving forward.

6. Retesting Domains

Your reputation as an email sender constant changes, as do the parameters of what a filter considers spam, so it’s always advisable to review what you’ve previously marked as ‘Spam Bot Suspects’ to see if the click activity has changed since.

A simple, time-saving way to do this is to run a report on email addresses within this list that have been emailed recently, yet no click activity has been recorded. Upon further investigation of these records, it may be that some domains can be white listed again.

7. Scoring Penalty

The final thing to consider is the penalty for any email address that falls into your trap and gets added to the ‘Spam Bot Suspects’ list.

To be on the safe side, you could simply reset their score on the basis that you can’t really drill down into how much of the activity is genuine up to the point that click bot activity has been recognised.

I would instead however recommend a more conservative reduction, such as -10, to attribute for a couple of wrongly scored clicks rather than undo other possible high-value engagements. You can always see the impact and change the penalty score later.


Need more help with marketing automation?

Struggling for time, resource or expertise? This template is one of the many models and techniques our consultants use when helping clients develop their marketing automation and multi-channel campaigns.

If you have questions, want to bounce around some thoughts, ideas or questions then reach out to us at enquiries@protocol.global or connect with us on LinkedIn or Twitter @protocolglobal.

Grab Your XLS Checklist

Image

We will email you a download link to your business email address (excludes Gmail, Outlook etc)

Share this Post

London Office

16 Upper Woburn Place
Bloomsbury
London
England
WC1H 0AF

Milton Keynes Office

Fairbourne Drive 
Milton Keynes
Buckinghamshire 
England
MK10 9RG

 

Copyright Protocol Global Ltd 2014-2019. All Rights Reserved.

Registered in England No. 9502225. 16 Upper Woburn Place, Bloomsbury, London, WC1H 0AF

'Protocol' and 'Protocol Empowering Marketers' are Trademarks of Protocol Global Ltd.

Privacy & Legal