Fake clicks from SPAM filters - is there an end in sight?

We don't have the granularity to view this in Marketo's UI, but my guess is that all link clicks are very close together in the same minute. Perhaps even in the same second. I don't think we can use that data in Marketo via the UI, but there must be a way for Marketo to see that on the back end! Our lead scoring is all messed up because of this, and it's giving false information to Sales—and making them not trust us!

I, like many, am constantly fighting this in our instance. Bot clicks are a serious source of frustration for our marketers who are sometimes getting a skewed perspective of results. Of COURSE, I am fully on board with a built-in Marketo solution to help address and normalize real-person activity and that of spam filtering technology. But that being said, part of me thinks there is no permanent solution. If an email marketing platform can easily understand what activities are being driven by a bot or triggering a bot to scan/click/etc., wouldn't someone with malicious intent be able to use the same exact information to avoid the can/spam checkers from the get go, and/or be able to react differently to a bot response than they do to a real person response? I.e. be a nice safe website with no code injecting or phishing scams present for bot traffic, but then presenting a different experience to people? I know I'm being overly simplistic, but doing this accurately and forever seems like a pipe dream.

I'm probably not thinking about a lot of things correctly, but as much as I would absolutely utilize and cherish this feature, I just don't see it being a holistic and viable long-term ask of Marketo. At least, not without direct cooperation of those can spam technology companies.

We have a surpression Smart List that tracks clicked more than 5 links in 2 minutes without an email open, then excludes those people from running through the scoring campaign until after 2 minutes. It's not perfect, but it helps. Stops the worst offenders at least.

Going off of volume of clicks, frequency of clicks, or even the link clicked isn't a viable solution because with thousands of customers sending out thousands of emails a year, there will bound to be scenarios where each of those was the desired behavior and we'll end right back up over here but with the opposite problem of Marketo not counting real clicks.

Instead, I would suggest looking at the order of events. SPAM filtering servers often ghost click the links to validate there is no malicious intent, but without registering opens, so one solution would be to not count clicks unless the email has also been already opened. Alternatively, if the link is for your own domain, don't count the click unless the web page visit is also logged. This isn't a fully comprehensive solution since GDPR and cookie-enablement could prevent this from being error-free, not to mention not every link is for your own domain.

Another interesting solution is that Marketo white-labels 250ok for it's email deliverability metrics. It could tap into that existing relationship and only count clicks if the email also has a successful delivery.

Ultimately, systematically solving this problem would require building for all corner cases not just the mean, so better understanding all of the root causes would help provide for a more informed decision regarding possible solutions. However, human behavior can't dictate the solution since that behavior itself isn't consistent across the millions of email recipients.

Here's an helpful article that explains how email clicks are fake - demandlab.com/insights/blog/want-believe-email-link-clicks-arent-real/

We implemented a simple solution for SPAM Clicks. If there are more than 3 clicks in the same email. We dont consider it. We built a smart campaign around it.

There are numerous ways to resolve this. I decided to rely on program statuses and did the following:

1. I updated my email templates to include 2 linked pixels. one at the very top and one at the very bottom of said email template.
2. each of those pixels were hard linked to our homage with utm tokens added
3. I updated the utm_term to read ...&utm_term=clicked-top--{{my.utm_term}} and ...&utm_term=clicked-bottom--{{my.utm_term}} respectively.
4. updated smart campaign filter: I made sure to exclude anyone who clicked a link containing utm_term=clicked-top or utm_term=clicked-bottom in the past 1 minute .

Additionally, I also added anyone who clicked those links to a global list for safe keeping -- this was mainly as a sanity check to know who's email clients were click-happy.

Whether right wrong or indifferent it worked for me...

I'm currently testing a bandaid for reporting and scoring. I created a smart campaign triggered off of an email click OR email delivered with filters saying the click and delivered happened in the last minute with the flow adding them to a static list called "suspected false clicks". I'm going to review the list over the next few weeks and see how accurate what we captured is. I'm debating adding a min of 2-3 clicks as well. If I can narrow it down enough, we can use it to exclude from reporting and scoring.

We have a hidden link at the top of our templates and if that is clicked we know it is a bot and use a smart campaign to remove from flow.

<tr style="display:none;visibility:hidden;">

<td width="1" height="1" style="margin: 0 auto;display:none;visibility:hidden;width:1px;height:1px;" align="center"> <a href="https://www.skyboxsecurity.com/?botlink" style="outline: 0;text-decoration: none;"></a> </td>

</tr>

So, I just want to quickly note here that we've discovered a new type of anti-spam checking behavior over the past several days that conventional methods have a hard time capturing. Rather than fire around the time of delivery, it fires on a recurring basis, presumably until the recipient actually opens the emails and clicks on any links. From an antispam point of view, this makes sense--you can't bait and switch the URL contents after delivery--but it's massively annoying to find. I'm trying to come up with a predictable way of catching this outside of IP traffic so it can be managed via Marketo, but it may be a bit until there's a bulletproof way to catch this.