If you’re a B2B marketer, then email marketing must be one of your main channels, which means you use one kind of ESP or MAP system like Marketo or another to execute on it. In that case, you may have heard about an emerging, fearsome enemy: email security bots. These bots form parts of security systems used by increasingly more companies to secure their email transport against various threats. Such bots click each link in emails sent to the domain they protect in order to verify them before marking them as either safe for internal delivery or flagging them as spam.
In case the full meaning hasn’t sunk in, I’ll repeat, in capital letters:
THE CLICKS YOUR EMAIL MARKETING AUTOMATION SYSTEM REPORTS ARE NOT ALL MADE BY HUMANS
At this point, you’re supposed to go like:
The implications are quite significant, but first, let’s isolate the issue and make sure we fully understand it.
What are email security bots
Email security bots are a feature of email security software or online services, like Barracuda. They are automated scripts that, much like search engine spiders, crawl through each inbound email and ‘click’ each link in the email to ensure it does not constitue a threat.
It is unclear how widely spread is the use of such bots. While researching for this post (because we’re serious publishers, yessir we are) we ran extensive searches and found very few direct references to the issue, which may be indicative of its novelty. Phrases like ’email security bot clicks’ and ’email click bots’ yielded almost no helpful results.
What are the implications of email click bots
For marketing automation experts, this is quite a headache. Bot clicks:
- Mess up your metrics, obviously. Especially if your database includes multiple recipients from the same organization.
- Create false positive triggers for action-based marketing programs. For example, let’s say you send a series of emails, and you either stop or enable the next step based on the recipient’s interaction. Fake bot clicks will mess it up.
- Fu** up your phased lead nurture program. Some marketers like to deploy sophisticated lead nurture programs, where leads are promoted from one stage to the other based on email engagement.
- Will make you look really good, until the questions start.
How to tell your campaigns are being affected by email click bots
This issue has been reported by marketers who noticed a surge in email click metrics. After the initial giddiness with the results, these marketers also noticed one or more of the following behaviors (hat tip Idan Hershkovich for sharing a few of these from his valuable experience):
- in the activity log timeline of the recipient, within Marketo for instance, a click event will be registered prior to a delivery event
- many clicks by email addresses from the same company or domain
- very rapid consecutive clicks reported by the system for the same recipient
- high volume of clicks occuring within the first minute of an email going out
The best method we’ve heard of so far, which we were tipped off on by marketing sorceress Yifat Danieli, is to ‘listen’ to clicks on a dummy link, e.g. a link colored in white which the user isn’t expected to see, or otherwise on a real link that she expects no clicks on (like the G+ social button, because who ever clicks it, sorry Google), which she includes in her emails. Once a click is recorded on this link, she immediately knows a bot is implicated.
How to minimize click bot damage
Here’s a few measures you can take to reduce the effect of email click bots, should you feel it. Note that some of the tips refer to Marketo, so if you’re using another system, then shame on you, and we trust you’ll be able to make the necessary adaptations.
1. Don’t rely on plain email stat reports
Seriously, don’t. First of all, they mean little, because what you should care about is the real goal of the program: to drive sign-ups; to increase registrations; to bump cold leads for inside sales treatment, or otherwise any other meaningful, lead-lifecycle-changing eventuality. But if you do need to use email stats, and begin to notice exceptional metrics in your programs, dig in a little bit and look for the signs we noted above for email click bot activity.
Note that cleaning out your reports from suspicious clicks may or may not be possible, depending on the system you use and its reporting features.
2. Use smart lists in your reaction workflows
When analyzing campaign effects or otherwise setting up triggerss for secondary campaigns that rely on email click triggers, make sure to filter out suspicious bot activity. Leverage the indicative bot patterns we mentioned about. Below is a Marketo filter example you might use:
Filter 1: selects recipients of the specific emails.
Filter 2: selects those who did not click the email 5 times or more
Filter 3: selects those who did not click the specific “link bait”
Logic between the filters: 1 and (2 or 3)
3. Use triggers to populate program statuses, filtering out suspect recipients
Marketo has super useful mechanisms for reporting on program results, and they can be easily filtered to remove records potentially ‘smeared’ by bot activity. Design your channel tags and program steps to reflect your program’s funnel, and apply filters like the above when triggering them.
4. Minimize your use of email clicks as a trigger for meaningful program decisions
Many marketeres use lead nurture flows that take into account specific clicks on contents linked in emails to trigger actions such as: sending the person to another stream; applying a score increase, removing them from the program; sending internal alerts, and so forth.
Since bot clicks are in essence false positives, ignoring them puts your programs at risk of causing completely wrong flows to take place. For example, let’s say you have a flow that responds to a click by alerting your inside sales team that the lead is now actively reading his email and therefore should be approached more directly, e.g. via a personal email or, if your organization is that aggressive, a phone call. You can imagine the result of sending such alerts based on false alarms…
Have you noticed bot activity in your reports or logs? let us know in the comments, and include any additional useful tips and strategies for dealing with this rather phenomenon.
Top photo credit: peace6x @flickr