Level 10

Question

[Shared Blog]: I Want to Believe, But: Your Email Link Clicks Aren’t Real

Forum|Forum|7 years ago
February 15, 2018
13 replies
14937 views

I recently came across this external blog post by @Courtney Grimes and thought it would be useful to share with the community (great post, btw, Courtney). Especially since there has been a lot of discussion/questions recently on false-positives of email opens and clicks:

demandlab.com/insights/blog/want-believe-email-link-clicks-arent-real/

I did want to comment on the guidance to combat this:

After testing this idea on dozens of different Marketo instances, the single most effective way I’ve found to track email clicks is a combination of two filters: Email was delivered + Visited web page: [web page linked to in email]

Typically, one would simply add these two filters to the smart list of the trigger campaign. When we tried that in the past, it didn't work for us since Marketo doesn't log this activity immediately as it happens - at least not in our case (especially the "visited web page" activity). We've seen up to a 45 minute delay. So we used an alternate approach: we included a "visited web page" choice in our "change program status" flow step. And prior to that flow step, we also included a 45 minute wait step. The only issue with this approach is if the user ever visited this page in the past, the choice will still be true. In other words, the choice step is not directly tied to this instance of the email click.

As Courtney states in her wrap-up, there really is no fool-proof solution. But if you had to pick one, this is probably the best approach.

Marketo

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

A

Anonymous

Hi Dan,

Another solution that we've tried before is adding a small 1x1 white image pixel into our email templates that links to a landing page. The theory being that a real human will not see the 1x1 pixel, so all of the clicks on that pixel that go through to that landing page are bots.

Then in our smart lists, we add another filter that says "did not visit web page: "enter the bot landing page name" as an additional way to filter out the bot traffic.

Dan_Stevens_Author

Level 10

Hi Courtney - there are two issues with this approach:

What if a link scanner does indeed click on that hidden image but then ultimately sends the email to the recipient's inbox - and the person clicks on one of the valid links? This approach will disregard this legitimate activity.
As mentioned in Courtney's post, using these sorts of tactics could ultimately backfire and be seen as trying to send a malicious email.

Chris_Saporito

Level 7

Dan this is exactly what we've done since realizing false clicks were such a huge problem, especially when counting them as a response. It cuts out a lot of the headtrash with deceiving email metrics. I'm pretty happy with the results of setting up smart campaigns in that way. Thanks for sharing!

Dan_Stevens_Author

Level 10

Hi Chris - yeah, the chances of someone clicking the link in the email and having visited the landing page in the past is probably pretty small. So you should be OK in that regard. The other occasional issue I would sometimes come across is the dreaded red squiggly in the value of the landing page. Some of our users were simply copying/pasting in the URL value. But just like the "visit web page" filters/triggers, the http/https protocol is not included here. And since Marketo didn't throw an immediate warning (and allowed the campaign to be activated), it wasn't until a lead tried to run through this did we get notified that there was an issue with the campaign.

One other bit of advice is to also include a "remove from flow" flow step - especially if you have additional processing that takes place in the smart campaign (e.g., setting last touch channel, date, etc. values) - for those that don't qualify for the "visited landing page" choice prior.

Grégoire_Miche2

Level 10

Hi Dan,

Put your "visited web page" as filters in a separate smart list, with an "in past 46 minutes" constraint, then in your choice, replace them by a if "member of smart list" choice, and that will remove the false positive due to older visits.

-Greg

Joelle_Andrews

Level 2

Dan, are you writing this because you've seen an uptick in this behavior recently? If so, you're not alone! I'm also looking for a method to split the difference between too much marketing suspend and too much false-positive clicking. Let me know what you find out! :-)

Dan_Stevens_Author

Level 10

Hi Joelle - I'm sharing this because it's been a topic of concern for some time now (especially in the B2B world). And to be honest, I don't think most users even know it's an issue. They see the positive metrics in their email dashboards and reports and just take it for granted that they are completely accurate. And that's not the case. Not for us and many others who have been active is a variety of related discussions here in the community. It's not Marketo's fault - although I welcome any innovative approach they may come up with to combat this). It's the nature of the business - that successfully making it into the user's inbox - especially when sending from a mass email platform like Marketo - is more challenging than ever (even though the "delivered" percentages say otherwise). And it's even more challenging for those of us that focus our campaigns using an account-centric/ABM approach (marketing to several contacts in the same account).

Here are some of the discussions I'm referring to:

Email not delivered?

How do you make your email deliverability unstoppable?

Now that ABM is such a large focus for many marketers, how are you operationally emailing everyone effectively at a sing…

Re: False positive Email delivered?

Spam filters registering clicks?

Re: False positive on email click affecting lead scoring

Email Clicks on Delivery But No Matching Web Page Visits Logged

Email Bots Logging Web Activity - HELP

Email was clicked before it was delivered? It's a link scanner

Misreporting Email Clicks - Hitting Email Probes

Joelle_Andrews

Level 2

Yeah, we've been dealing with this for a while, but in the last few weeks we've seen a huge spike in fake activity. Very annoying for us and Sales.

Casey_Grimes2

Level 10

Oh, hey, this is here! I tend to only post super-Marketo-related items on the Champions blog, so for more generalized things like this (and to hear from fabulous folks like @Liz Medeiros and @Alex Greger) you should check out demandlab.com/insights.

That said: the usual recommendation is for smaller instances to go ahead and do what Dan mentions--a trigger of "Visited Web Page" along with a filter of "Email Was Delivered" within a certain time period (usually 2-3 weeks) with a Program Status Change of "Clicked" or similar--but I like the idea of putting a wait step on just visiting the web page, waiting, and doing a delivery check for more active or larger instances.

SanfordWhiteman

Level 10

Hey Courtney, coupla things:

On your diagram you note that the branding (click tracking) server drops a cookie before redirecting. Technically, yeah, but that load-balancing affinity cookie from Marketo's F5 infrastructure isn't related to Munchkin and/or tracking, and need not be accepted by the browser. Everything works fine without it. It would (IMO) be better to leave it out of the diagram b/c some people do think Munchkin sessions start at the click tracking phase.
To the degree Visits Web Page + Email Was Delivered is actionable, isn't Visits Web Page with a Referrer constraint on your branding domain just as actionable*? Such visits always resulted from delivered emails, by definition (as long you have not completely disabled tracking, which you didn't recommend). Or maybe I'm missing a nuance to this combo. EDIT: I see now you're assuming the links aren't taggable with email-specific info! But I may be on to something in this regard... stay tuned.

SanfordWhiteman

Level 10

stay tuned.

A glimpse of what I just started working on:

The above is a legitimate, human-driven Clicked Email event, distinguished from automated clicks on the same link by a special-purpose User-Agent ("TrueVoyage").

Nicholas_Manojl

Level 8

Talk to support. Tell them about this feature*, and see if they can turn it on if it's a real problem for you:

My client turned it on recently and the results have been much more sensible than before.

*just don't ask me what it does exactly and if it actually has any impact on reporting metrics.

Dan_Stevens_Author

Level 10

Nicholas - what portion of the UI is your screenshot from?

BTW, we had this enabled a while ago and really didn’t see a difference. Good to hear that’s it’s working for some customers.

Nicholas_Manojl

Level 8

I'm a Marketo employee so I get a little extra view of the feature manager.

Abby_Ryan

Level 2

Hey All,

I just wanted to chime in with another solution that's been working for us for a while. We, too, noticed a large uptick in the number of false clicks about two years ago. One of the reasons behind this was that when I first started here I worked with IT to have the SPF and DKIM set up properly, which had a positive impact on our delivery (~97% up from ~70%), but because we were able to 'hit' more companies now, we were also encountering more spam filtering software. As machine learning continues to grow and expand, we knew we needed to draw a hard line under how we track our emails.

We now use the "Visited Web Page" trigger, with Querystring Parameter Constraints built in every time. We utilize special UTM parameters (UTM_source, UTM_medium, UTM_campaign, etc.) to delineate visitors to the page who came from the email. It's important to set these Querystring constraints to use "contains" and NOT "equals". This is because the string will not only contain the UTM, but also the user's munchkin code, etc. and you don't want to lose data. See screenshot below for an example.

To make sure that we're not double-processing or double-scoring any lead, we also exclude the email's UTM from the overall web campaign that's tracking the asset on it's own (see screenshot below).

Overall this is a bit easier to track once it's set up, and a huge benefit is that it keeps you from having to rely on long wait steps, which can also push your campaigns further down the campaign queue in priority and can lead to race condition errors.

I hope this was useful!

Thanks,

Abby

SanfordWhiteman

Level 10

... but that doesn't refer directly to links in emails (I mentioned above that if you can UTM-tag all your links, this can be a near-substitute for click tracking, but it can't be complete).

Abby_Ryan

Level 2

Gotcha - sorry Sanford. This works for our purposes, but obviously not for all.

A

Anonymous

wrote this a while ago: Marketers vs email security bots: an emerging war | B2B Lead Nurture

would be nice if Marketo formally addressed this in its backend, or by opening a backchannel to the leading bot security vendors to negotiate whitelisting marketo servers.

SanfordWhiteman

Level 10

....backchannel to the leading bot security vendors to negotiate whitelisting marketo servers.

The mail security vendors should never even consider this. Since Marketo doesn't do any egress filtering, you can send any link, including a link to a phishing site.

Casey_Grimes2

Level 10

I wanted to go ahead and piggyback on this particular thread, as there's a new complexity at play: an anti-spam measure has been updated by at least one company in the past couple of weeks to fully load pages in emails, including with JavaScript. Right now, because the IPs looking at this are Azure-based, it's a straightforward process to remove them by not loading Munchkin on Azure IPs and/or screening those IPs out of Marketo activities, but this sort of development is worth keeping an eye on.

More information is at demandlab.com/insights/blog/want-believe-butyou-cant-coast-anti-spam-measures-year-ago/

Dan_Stevens_Author

Level 10

Sandy, check out Courtney's new blog post. Does this explain the multiple clicks/visits activities that were being captured in our test lead record the other day? For what it's worth, we're in a O365 environment at Avanade.

It might be also helpful to point out that every link in our Outlook environment is wrapped in a "safelinks.protection.outlook.com" URL (with the actual URL referenced as a URL parameter).

Kevin_McMahon1

Level 4

So I've read through each comment and am still confused on the current best method to combat false positives.

Is it @Dan Stevens' approach using the Visited Web Page flow? Is it using utm parameters on every link?

@Sanford Whiteman I'm also curious about the method you're testing to track the user clicks vs automated clicks.

SanfordWhiteman

Level 10

Sanford Whiteman I'm also curious about the method you're testing to track the user clicks vs automated clicks.

I'll surely get to documenting it but I have an absurd amount of projects running at the same time, and blogging is hard, gotta get your diagrams tight and everything.

On the other hand, walking you through it live is pretty easy, so if you want to DM me I can show you what it is.

Casey_Grimes2

Level 10

A quick update here: as of today, I've picked up some new behavior by a different major antispam provider that may cause further wrinkles in this, especially around user agents (because I'm detecting different things in Marketo and on the server itself. :/) This particular company is using Amazon EC2 instances to check links and is making it to full web page visits. Hoping to have more clarity on this in the next week or so.

Show more replies

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded