Pardot recently announced they are putting several things in place to get rid of bot clicks. One of the simplest ones being IP-based filtering. We have asked Marketo if they could forward the IP address with click data so we could do something about it. Marketo already has this information. Why can't they filter clicks based on IP addresses that many of these security appliances publicise?
Rejecting clicks before the email was even delivered, would be helpful too.
There are some obvious patterns Marketo to look for - like clicks on every single link or multiple links in a very short timespan.
Or clicks that didn't result in a web pageview. We don't have a simple mechanism to link the two, since Marketo doesn't send the clickId to the web pageview. But Marketo has that info.
This is becoming a big problem, since we can't do any lead nurturing or other campaigns due to bots clicking.
"announced" != "successfully implemented"
Nothing is obvious. What you're referring to as "security appliances" are in fact VMs on cloud and private infrastructure whose IPs are shared by human users. That is the whole idea, to not be able to tell the mail scanners apart from humans. If your infrastructure can distinguish machines from humans, that means the malicious actors can do the same thing, rendering the security layer useless.
Or clicks that didn't result in a web pageview.
Correctly operating scanners do result in a pageview.
I understand not all bot clicks will ever be caught. We have verified manually in our log files that there are several page views from IP addresses that are Barracuda Email Security Service IP Ranges or for Proofpoint etc. The corresponding clicks were still in Marketo. From the appliance's perspective, it doesn't really hurt them if you recognize their IP addresses, as their job is done, once they inspect your links. But the harm is done from our perspective, as it inflates the click numbers, not to mention the nurture campaigns are rendered useless.
Can Marketo either do something to remove these, or provide us the tools like the IP address in click information, or clickID in web view. How is this not a huge concern for anyone trying to do any type of lead nurture or scoring?
I get your point that "announced is not the same as successfully implemented", but at least Pardot is doing something to address this big problem for the marketers!
From the appliance's perspective, it doesn't really hurt them if you recognize their IP addresses, as their job is done, once they inspect your links.
This is 100% not true.
If I am a malicious actor and I can tell whether a mail scanner is checking my phishing links, I can return safe content to the scanner, then return malicious content to the unsuspecting end user whose links were deemed safe.
Swapna G To remove bot clicks our awesome admins were able to run some smart lists around timing. Bots click and open within seconds of delivery or at the same time. Humans not as quickly. A lot more when into their fix and it still isn't 100% but the data is much cleaner. Good luck!
Can you elaborate on what you guys have set up?
Lauren, we have setup filters to remove those as well. It helped somewhat, but still far from where they need to be. We have a few other rules, but on manual inspection, we have seen a whole bunch of pageviews from spam filter IPs. Unfortunately, there's no way to get IPs with click data from Marketo and the pageviews cant be linked to clicks easily when there are multiple redirects involved, since there is no clickId info with pageviews. So feeling pretty stuck .
Amy, we have been downloading click data and cleaning up the clicks based on a few rules. The challenge is that it's a lot of work that we need to do and at the end of all this, the partially cleaned data is not in Marketo. So running lead nurture campaigns or scoring logic is of not much use.
I have read at least 10 -12 really long chains of discussions just on Marketo forums about users complaining of bot clicks issue. What's surprising to me is that its still not a priority!
Exactly - we have been pulling the leads out of our campaigns if they ended up on the bot lists to isolate them. That has helped as well.
We built a Talend processor (with spam identification logic) to tag people with Bot activity in Marketo. Suppressing entire IP is not a great option because it also removes genuine clicks from that person (if any).
Also, not every link in email is .html, some of them are PDF and Doc too. View webpage does not work there.
We just switched from Act-On to Marketo and are getting around 5k bot clicks. We ended up suppressing the 5k bot clicks from future sends. This is not ideal as we assume a lot of those 5k bot clicks are valid emails. We would rather have clean data without a bunch of fake clicks. This was never an issue in Act-On. Come on Marketo!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.