Are Bots Affecting Your Email?

HubSpot Product Team

Hi, HubSpot Community. I’m Jake from the HubSpot Product team. In the last year, the marketing industry as a whole has seen a spike in bot clicks in emails, so I wanted to take a moment to discuss what bot activity looks like, who’s most likely to be affected, and what you can do to address it.


What’s bot activity?

Bots are the source of a lot of internet traffic today. It’s estimated that more than half of web traffic originates from a bot, and bots are more sophisticated today than even a few years ago. Not all bots are bad bots, though! Google’s search engine bots, for example, crawl websites and index them; HubSpot’s chatbots help to facilitate conversations with your prospects and customers without requiring a human. 


Unfortunately, there are also bots that create fake clicks and false impressions for apps, websites, and emails. With email, bots are designed to click links in emails as a way to explore, identify, and prevent links to malware or phishing attacks from entering a recipient's inbox.


Okay, so what does bot activity in emails look like?

Email bot activity differs from what bot activity may look like on a website. Bot activity in email is typically security software sitting in front of a recipient’s (or contact’s) inbox. That security software will open the email and, typically, engage with some (if not all) of the corresponding links in that email, following them through the redirect. These actions simulate real user engagement potentially causing false opens and clicks data to be recorded.


Every email marketer who has sent an email campaign has probably been affected by bots. And bots are tricky for email marketers because the email engagement events (opens and clicks) they generate can get recorded alongside legitimate ones. This leads to email campaign statistic inflation as well as automation being tripped based on these false events.


Who’s more likely to be impacted? 

Bots don’t impact all marketers equally. These security filters are much more common in industries tied to finance or healthcare but aren’t as common in B2C marketing. Generally, regulated industries where contacts use a company email see more bot clicks than personal email addresses on email providers like Gmail or Office365.


So, what can we do about it?

For HubSpot, identifying bots and separating them from legitimate contact engagement has been, frankly, a game of Whac-a-Mole. In the last year, the industry as a whole has seen a spike in phishing emails. This rise in phishing has led to corresponding increases in companies adding security software (i.e., more bot activity). 


At HubSpot, we’re doing our best to address this rise. Currently, we’re working on redesigns to email reporting to better separate legitimate contact email engagement from that generated by security software. The entire team at HubSpot, including myself, recognizes this can cause anxiety for a marketer. We will continue to do everything we can to find a solution that best addresses this problem. Until we have a full solution, we’ll be monitoring this thread to answer any relevant questions or concerns and respond to any feedback you have about this.

38 Replies 38

Hi @jaleonard19 ,


We're suffering from the same issue, clicks are becoming unreliable metric to count on for qualifying & scoring leads.


Something in particular we noticed that wasn't mentioned here before is Plain text clicks.


Our logo link (1st link usually in our emails) is recording more clicks than all other links combined which obviously doesn't make sense, so upon checking we noticed that HTML clicks are normal (a bit on logo then majority on the rest, banners, CTAs...etc.) However, when checking Plain text clicks, we noticed that in most cases there's only our logo in that section with significant amount of clicks. Our bot filtering feature is activated yet we still see that.


For example: one email recorded 411 clicks on our logo link, 390 of those are under Plain text. Another emial recorded 375 clicks on our logo link, 359 under Plain text. The more recent we check, the worse the trend gets.


Across 2020, plain text clicks made almost 50% of our total clicks on average. Last half of 2020 the average got over 60%.


Do you think this is also an indicator of bot clicks? If so, is there any way we can build a Workflow that only qualifies leads who clicked on any link except our logo (which we can use as a ghost link, thanks @Mike_Donnelly !) after 5 or more minutes of receiving the email. (assuming most bots are clicking immediately upon receving)


Do you think this would help us reduce the amount of leads that gain false score?






I'm getting a little concerned for HubSpot here. They do a fantastic job at making email engagement analysis very easy and powerful, with great reporting layout and tools to make performance comparision. However, the currency that makes this machine run is the engagement data itself and it's becoming increasingly unreliable.


On a call with multiple HubSpot employees we were not able to find a single email metric: opens, clicks, web page views, even email read time that was reliable enough for us to base behavioural triggers or reporting on. Our stats are so inflated we have little idea of how we are really performing and so instead of being enabled, we are really flying data blind - our instruments are giving us false readings. As a marketer that's a scary thing, we may think that our email content is really hitting home, where in fact there's been little real engagement at all. We may pass on 'hot' leads onto Sales for them to lose confidence in what we are sending their way as all this 'engagement' amounts to 0 new conversations'.


A good example of how this fake data erodes HubSpot's platform is the Email Health tool. A real value add that allows you to review your entire email marketing operation with a few clicks. However, it's completely useless for us because as all the building blocks (engagement data) going into it are inflated, the results we pull out cannot be trusted. 


As we work in B2B financial services we are facing the highest email security, so others in the post may not have the issue to the same degree, but given HubSpot as a platform is built on identifying engagement and enabling smarter marketing, if this fundamental issue isn't tackled the value of the platform as a whole will diminish, making it harder to justify the invesment in it. Even for those who are real fans.  


Any updates on this? I just put in a support ticket for this as we're seeing an increase in bot activity that opens and clicks on our emails rendering our emails stats suspect.




Make sure that you work on your email marketing, your social media marketing, and your content marketing.. With a little effort on your part, you can quickly gain a strong customer base and grow your business to the point where you generate more sales than you are able to carry. 


Has anyone been able to come up with an all encompassing way, through either a list or a workflow, to even identify the folks and/or companies this consistently happens with? Something to the extent of if every link in Email A is clicked flagged this contact engagement as potential bot activity?

The only way I can see to do that at the moment would be to take every single email and say if opened and clicked on this AND this AND this... which obviously is not feasible to do for dozens of emails. 

Curious if there is a better way or even a condition that could be added by Hubspot in the list builder to say if All Links clicked in Email or if Links clicked at the same time email was sent... 

Would love to hear if anyone has come up with a creative workaround! 



Hi @MMunroe , not something I've implemented myself but saw this and think it mught work:


It's for marketo but can't see why adding a hidden link to catch bot emails engagement and using a workflow to update a checkbox wouldn't work in HubSpot. You'd then need to use a smart list to find the 'true' engagement for each email. Sadly any of HubSpot's out the box reporting like Email Health would still be useless


We've been noticing issues with HubSpot tracking for a while now and when I submit a support ticket I just get the run around with no answers or solutions. Wasn't until today that I was finally told about the bot activity issues. But with us it's not just affecting our marketing emails, it's also an issue with one-to-one sales emails and landing pages. We're getting false notifications for email opens, clicks, page visits, and form submissions. 


Anyone else having the same issues when using pretty much any tool within HubSpot Marketing? I'm having a hard time justifying user costs given the data and analytics is a complete joke. 


Bot filtering setting is not helping.


Another data point is corporate email servers will open the same email for all its recipients at the same time. For example, if you send to 3 people at the same domain, we see all 3 people open the email in the same minute. It may be well after HubSpot sent the email…but the opens and clicks are all done at once.


From my understanding, HubSpot groups Bot activity into Account and Behavioral-based activity. HubSpot is aware of Accounts where Bot activity is prevalent and behaviors where the timestamp of the email and the corresponding bot activity happen at nearly the same time. My interest is in the latter and we are hopeful that this type of behavior can be removed from our email results.