Are Bots Affecting Your Email?

jaleonard19 · ‎Nov 15, 2019

Hi, HubSpot Community. I’m Jake from the HubSpot Product team. In the last year, the marketing industry as a whole has seen a spike in bot clicks in emails, so I wanted to take a moment to discuss what bot activity looks like, who’s most likely to be affected, and what you can do to address it.

What’s bot activity?

Bots are the source of a lot of internet traffic today. It’s estimated that more than half of web traffic originates from a bot, and bots are more sophisticated today than even a few years ago. Not all bots are bad bots, though! Google’s search engine bots, for example, crawl websites and index them; HubSpot’s chatbots help to facilitate conversations with your prospects and customers without requiring a human.

Unfortunately, there are also bots that create fake clicks and false impressions for apps, websites, and emails. With email, bots are designed to click links in emails as a way to explore, identify, and prevent links to malware or phishing attacks from entering a recipient's inbox.

Okay, so what does bot activity in emails look like?

Email bot activity differs from what bot activity may look like on a website. Bot activity in email is typically security software sitting in front of a recipient’s (or contact’s) inbox. That security software will open the email and, typically, engage with some (if not all) of the corresponding links in that email, following them through the redirect. These actions simulate real user engagement potentially causing false opens and clicks data to be recorded.

Every email marketer who has sent an email campaign has probably been affected by bots. And bots are tricky for email marketers because the email engagement events (opens and clicks) they generate can get recorded alongside legitimate ones. This leads to email campaign statistic inflation as well as automation being tripped based on these false events.

Who’s more likely to be impacted?

Bots don’t impact all marketers equally. These security filters are much more common in industries tied to finance or healthcare but aren’t as common in B2C marketing. Generally, regulated industries where contacts use a company email see more bot clicks than personal email addresses on email providers like Gmail or Office365.

So, what can we do about it?

For HubSpot, identifying bots and separating them from legitimate contact engagement has been, frankly, a game of Whac-a-Mole. In the last year, the industry as a whole has seen a spike in phishing emails. This rise in phishing has led to corresponding increases in companies adding security software (i.e., more bot activity).

At HubSpot, we’re doing our best to address this rise. Currently, we’re working on redesigns to email reporting to better separate legitimate contact email engagement from that generated by security software. The entire team at HubSpot, including myself, recognizes this can cause anxiety for a marketer. We will continue to do everything we can to find a solution that best addresses this problem. Until we have a full solution, we’ll be monitoring this thread to answer any relevant questions or concerns and respond to any feedback you have about this.

jaleonard19 · ‎Feb 10, 2020

Posting an update to this community thread as we are releasing some new bot detection software for marketing email. We have had a solution to bots in email for a while now. It was an IP based approach that worked fine but had some flaws. As we have dug into this problem it has become clear that increases in bot activity is an issue felt not just by HubSpot, but the entire email industry.

This week we are rolling out new tools for bot detection to HubSpot customers, and here are some notes on it:

The new tools take a behavioral-based approach. We look for patterns in the open or click events that indicate a likelihood of being generated from a bot.
We will be rolling this out to all HubSpot accounts this week.
No action is needed. If bot filtering is turned on for your account then it will just work.
This does not change any email campaigns sent in the past. It only impacts emails going forward.

It is impossible to capture all events generated from bots. If you believe you are still seeing bot activity feel free to post comments here or open a ticket with our support team. Our engineering team is continuing to monitor bot activity on our email and will take appropriate additional steps if they are needed.

View solution in original post

Phil_DM2 · ‎Nov 18, 2019

Very interesting. Our company has noticed strange email open/click behavior in the past. Most notably, we had some unusual spikes in direct traffic from recipients only clicking the first link in every email we sent (the link happened to be from our company logo and led to our website's home page, which may have caused it to trigger as Direct?)

Essentially, we were seeing dozens of clicks from each email but with absolutely no engagement otherwise. It was really bizarre, and it did seem like some strange bot activity. Even this year, sometimes our emails consistently get the same number of clicks from the same people (give or take 20-23 clicks), while other emails receive nothing at all. Strange...

jaleonard19 · ‎Nov 19, 2019

Thank you for sharing. A lot of that does sound like bot activity. Two common patterns are:

Opens or Clicks almost immediately after the email was delivered. You can see this by clicking into the 'Recipients' tab on the individual emails. Then expanding the contact's timeline of events. If the timestamp for the delivered and the open or click are very close together (less than a minute or two). That is a strong indication it is a bot.
If every single link in the email is clicked. That is another strong indication it is a bot. We will see the same emails delivered to the same domain, and all come out with exactly 15 clicks. Again most likely a bot.

sarahaas · ‎Nov 20, 2019

Another way we noticed the large scale extent of this problem (we sell into very large enterprises who probably have extensive security protections) is when the number of clicks at a company equals the number of opens. We try to aggregate engagement at the company-level and found most companies had that occurring.

jaleonard19 · ‎Dec 2, 2019

Yes! Absolutely...looking at patterns across like recipient domains is definitely another way to identify companies using security software on their email inboxes.

Phil_DM2 · ‎Nov 25, 2019

Oh wow, this totally lines up with what we've been seeing! Most notably, a contact clicks a link multiple times as well, and it's almost always as soon as the email is delivered to them. Is there anything we can do to avoid this or prevent it from continuing? Last month it completely skewed our metrics since we had way more Email traffic than we normally would. Now, we seem to be having a lot less.

jaleonard19 · ‎Dec 2, 2019

Hi @Phil_DM2 - Thanks for sharing. That is unfortunate that it skewed your metrics the previous month. We have been doing some interim work to identify some of the worst offenders and make sure those open & clicks aren't recorded. This may be why you are seeing less now.

In terms of what you can do - nothing at the moment. We are in the midst of rolling out a new solution for bots on email. So you should continue to see your metrics get more and more accurate over the coming months.

DanFromCF · ‎Dec 13, 2019

Hi @jaleonard19 ,

When you say you're identifying the worst offenders and making sure their engagement isn't recorded, does that mean we won't get any engagement metrics at all from certain accounts? If so, I think that's a bit heavy handed.

Also, there's another obvious sign of a bot that hasn't been mentioned here: when a contact registers as both a click and a hard bounce. If illusory engagement like that could be filtered out of the metrics, rather than entire accounts, that'd be the most balanced solution IMO.

When the new solution rolls out, will there be a report of what filters have been implemented? Would be good to know when this happens so we can start using email engagement data for lead scoring and other purposes.

jaleonard19 · ‎Dec 16, 2019

Hi @DanFromCF -

Certainly not, we are not blocking individual email accounts, domains or anything that would prevent you from seeing legitimate engagement metrics. We use other signals on the open and click events that we capture to separate and block the bots (IP, UserAgent, etc.).

The new solution will actually be based more on behaviors. For example, if we see an email opened and then a click on every single link on the email within a short time window then that is a good indication that it is a bot. Another could be opens of the same email, at the exact same time across similar domains.

I hope that clarifies some of your concerns! Let me know if you have any more questions.

mrspabs · ‎Dec 4, 2019

Thanks for posting this. I notice that in my emails, 14% clicked on the logo which kind of makes no sense. If there is a beta or something, I would be interested!

jaleonard19 · ‎Dec 9, 2019

Hi @mrspabs - eeeekkkk. Yea that doesn't sound right, sorry you are running into that. Unfortunately, we are not doing any formal Beta, rather we are doing a generalized slow-roll out of the solution.

Mike_Donnelly · ‎Dec 10, 2019

This was also posted to the ideas forum.

One thing we've been doing and it's partially working (i.e. - need to send more email and this solution will never be a 100% answer as spam systems are always changing the way they work and no two are exactly alike), but add an invisible link to a page on your site in your emails. For example, in the below screenshot, "Communication" had a link to an old blog about "Communication", but it looks like all the rest of the text so unless you got lucky and moused over it, you'd never know it was a link. Then we segmented the people (aka bots) that were sent the email and clicked on the link and sure enough, by looking at the details of the clicks it's very clear it's a bot clicking (screenshot below - this is a monthly newsletter so has a ton of links in it). The next step which is still a work in progress is to add a specific list of domains that have suspicious / bot clicks and then segment these out of any automated follow up that is based on activity. One thing to mention is that some bots / spam systems will not click on every link in an email, but by doing this on every email you send, you can start to identify / weed out the domains that have aggressive spam systems in place that adversely affect reporting and other automated tasks. You can also segment your sends so that one email goes to suspicious domains and the other goes to people that don't have the suspicious activity. Then you can manually review the suspicious activity to determine next steps. Not a perfect solution and I'll share more on some things we're working on.

Screen Shot 2019-12-10 at 6.08.30 PM.png

Screen Shot 2019-12-10 at 6.09.04 PM.png Screen Shot 2019-12-10 at 6.10.41 PM.png

jaleonard19 · ‎Dec 16, 2019

Thanks for sharing @Mike_Donnelly! Very interesting solution, basically a captcha like solution for email. Mind sharing the ideas forum post here?

Mike_Donnelly · ‎Dec 17, 2019

Hey @jaleonard19 - Thanks and the above was everything I posted in the ideas forum. We're working on a few other ideas which will flag domains, but it's still a work in progress. Essentially, if you bubble up the top domains clicking a lot of links, you can be extremely confident they're coming from bots / spam systems. Then you can further investigate by looking at the timeline. Much of what you've specified is what we've been working on. Not a perfect solution (as it never will be), but it removes a lot of noise.

ramialbader · ‎Jan 6, 2020

we are receiving "clicks" even without the recipient clicking the link at all. There is no distinction between opens and clicks , this has happened after applying secure mail gateway, we have opened a ticket and it was transfered to you if you have reached for a workaround/solution of the issue yet, your quick response is highly appreciated.

MikeW1 · ‎Jan 8, 2020

Yes, they are . Can you please resolve this issue as we cannot distinguish between "clicks" and "opens" . This inability from Hubspot to fix this is having a direct impact on my ability to perform my job. I am imploring you to please give this a priority

much appreciated

johnhenry · ‎Jan 29, 2020

Hi Jake,

Thanks for your post. I only saw this thread now. We noticied major issues last year regarding US traffic (we are Australian based). I flagged this with the support team who danced around the issue and did not really give me an good answer which I was quite disappointed with. I'm glad there is this thread acknowledging it.

I just wanted to post to flag this again as a key issue for our marketing reporting and metrics, because it largely skews the data. Hopefully a fix is discovered soon.

jaleonard19 · ‎Feb 10, 2020

Deleted comment

jaleonard19 · ‎Feb 10, 2020

Posting an update to this community thread as we are releasing some new bot detection software for marketing email. We have had a solution to bots in email for a while now. It was an IP based approach that worked fine but had some flaws. As we have dug into this problem it has become clear that increases in bot activity is an issue felt not just by HubSpot, but the entire email industry.

This week we are rolling out new tools for bot detection to HubSpot customers, and here are some notes on it:

The new tools take a behavioral-based approach. We look for patterns in the open or click events that indicate a likelihood of being generated from a bot.
We will be rolling this out to all HubSpot accounts this week.
No action is needed. If bot filtering is turned on for your account then it will just work.
This does not change any email campaigns sent in the past. It only impacts emails going forward.

It is impossible to capture all events generated from bots. If you believe you are still seeing bot activity feel free to post comments here or open a ticket with our support team. Our engineering team is continuing to monitor bot activity on our email and will take appropriate additional steps if they are needed.

View solution in original post

jstasse · ‎May 25, 2020

Hi Jake,

Thanks for rolling this feature out, but I just want to report I saw today a pattern of suspicious bot activity on one of our email sends. We were able to detect it because:

- a large percentage of recipients from the same email domain clicked on the links within a minute of receiving the email

- none of them converted (they had to fill a form to get access to the white paper our email was promoting), while the conversion rate at other companies was roughly 40%.

I opened a ticket with the support team, but you can email me if you want details.

jaleonard19 · ‎May 28, 2020

Hi @jstasse,

Sending you a direct message to follow up on that support ticket.

Cheers,

Jake

yepezrick · 3 weeks ago

We have noticed similar patterns when sending marketing emails to goverment agencies specially airport administration and Department of Transportation (DOT). It appears all the members of the organizations open or click the email. In turn, this data gets reported under the email performance metrics. Does the new filter work with these types of accounts? This will help us have more accurate reporting of email performance and clicks.

anandkjain · ‎May 27, 2020

Hi,

I was shocked to see Hubspot reporting 70% open rate within a few seconds of sending the mail and all of them were opened by the same browser at the same time.

This was especially surprising because you would not find so many people sitting in front of computer at 4.45 am. Please check this bug.

jaleonard19 · ‎May 28, 2020

Hi @anandkjain,

Do you have bot filtering turned on in your HubSpot account?

If you do and are still having issues then go ahead and fill out a support ticket. The issue does not originate in HubSpot's reporting but from recipients inboxes. It is bots (google image cache, security software, etc.) that are actually loading the embedded pixel we use to track email opens. Still, we work to keep your data as clean as possible.

Cheers,

Jake

MikeW1 · ‎May 28, 2020

Hello

Thanks for the update ..I must say that this issue is the single most irritating and frustrating problem I am encountering. It prevents us from seeing accurate data. Too bad you can't resolve it

JPullan · ‎Aug 25, 2020

Hi Jake,

I've had a support ticket open for this for quite a while, having escalated it through our Account Manager, and the response is that nothing can be done except the improvements being gradually made.

Working in regulated B2B spaces our email engagement reporting, and any automation that relies on it, is currently useless. With over 50% of our 'engagement' being false we've had to strip opens and clicks out of Lead Scoring and rely on page views (to my knowledge these are still reliable, but we will lose anybody denying/blocking cookies).

Needless to say this is significantly denting the usefulness of a significant part of HubSpot's 'Marketing Hub', I am suprised that more of HubSpot's B2B customers aren't up in arms about this. Without any mechanism to report and improve the bot filtering, and no transparency over the timeline or existence of any planned changes, this must be weighing heavily on the renewal decisions of quite a few customers.

darshakparmar · 4 weeks ago

In a B2B marketing environment, Click Rate has become the most unreliable matric. If Hubspot can find a way to exclude data of those clicks which happen within 60 seconds from the time email is sent, I think the majority of fake data will be eliminated from the report. This is the simplest thing HubSpot can do.