Nov 2, 2012

Delivery, Disasters, and Spammers

Hurricane Sandy hit the Northeast coast of the United States a few days ago. It caused massive destruction, unfortunate deaths, and a lot of trouble for people all over the world. While we don’t want to minimize what those living in the hurricane’s path have endured, we know a lot of you are talking about Sandy and should be aware of how that could impact email delivery.

According to a report by Symantec, there’s been a spike in email volume related to Hurricane Sandy. Sounds about right since Sandy didn’t exist until a week ago. But Symantec’s also reporting a surge in spam emails exploiting Hurricane Sandy, which is really interesting if you’re trying not to look like a spammer.

It makes sense from a spammer’s perspective to exploit any disaster. People are very sympathetic to the victims. They want to make donations, help in some way, or click links promising information and updates. So a lot of people are easy targets for spammers clever enough to use topical subject lines.

How many emails reference Sandy?

We put together a graph showing how much email referencing the hurricane has increased in the past few days.

We went back before there was talk about Sandy to get a good baseline. There are some mentions starting on the 24th, when Sandy was upgraded to a hurricane. “Frankenstorm” made its first appearance in an email on the 25th. And we can see mentions shoot up on the 29th, when Sandy made landfall in New Jersey.

We can extrapolate that A LOT of emails referencing Sandy are being sent overall.

How this affects you, the good sender

Remember, ISPs (Gmail, Yahoo, Hotmail, etc.) use fancy algorithms to pinpoint content used by spammers and then filter it out. Since spammers are constantly changing tactics, ISPs are very good at finding the new flavor of the month, week, or day, and stopping it quickly.

Even if you’re well-meaning, endorsing an honest cause, or just sending out some straight news articles, there’s still an increased chance of going to the spam folder. That line in your email, “Help Sandy Victims”—Spammers did it.

And Hurricane Sandy is just the most recent example of a disaster or major news event exploited by spammers. Pretty much any significant event will be used for ill gains by spammers. For instance, we once saw a perfectly innocuous email filtered by Gmail because it referenced a news article about the embassy bombing in Libya a few months back. Testing proved the block was strictly related to one sentence mentioning the bombing, which took us by surprise until we realized how opportune these events can be for spammers.

Including references to an event isn’t a guarantee of getting blocked, though. ISPs always look at a variety of factors, unless they believe a piece of content is just downright evil. In the case of the Libyan embassy email, we found the filter only blocked the email when it was sent from a specific IP address. Sending the email with the same sentence over different IPs lead to 100% delivery. This really speaks to how ISPs use content filtering and sender reputation (i.e. engagement) together to determine whether or not an email is spam.

To reference or not to reference

That said, I’m not trying to convince you to remove mentions of the hurricane or abstain from asking your subscribers to donate to worthy causes. (Personally, I donated after receiving an email from my favorite band.) You might want to send a meaningful hurricane-related email that will inform or help people. So here are some tips for avoiding the spam filters:

  • Don’t copy and paste news articles or blog posts.
  • Avoid popular external links. Link to a special page on your website with information and links to other resources. (Link shorteners are not a workaround.)
  • Make sure the rest of your email doesn’t look like spam, because ISPs look for multiple indicators of spamminess.
  • Segment the list so only your most engaged subscribers receive the email. Higher engagement will improve delivery.

You could also assume your email will go to spam, in which case, don’t include vital information in the email. If sending two emails, space them apart so subscribers don’t get overwhelmed.

Spammers know how to exploit anything for profit. And ISPs know that about spammers. Be careful when sending emails about major news stories, whether it’s Hurricane Sandy or the next big thing that comes along. Spammers are smart and quick, and they’ll poison the well.

Oh, one more thing: If you came here looking for updates on how MailChimp servers faired this past week, I’ll direct you to a post by Ben.


UPDATE: Just want to pop back in and point out we often see the same trends with holidays, political news, celebrity gossip — pretty much anytime something gets national coverage. Spammers love taking advantage of zeitgeists.