AnsweredAssumed Answered

Form pre-fill with another lead's data

Question asked by 9536ff8d86685ddc15bc62e6420dfe26969aa3cd on Jun 18, 2015
Latest reply on Jul 27, 2018 by Sanford Whiteman

My marketing team has encountered several instances of a lead clicking a link only to discover a form filled with another lead's data. Even though the info is usually nothing more than what could be gleaned from a LinkedIn profile, this is clearly undesireable as it looks like sloppy marketing (and a privacy breach.)


According to what I've learned from Marketo support, there are two ways that personal data can be passed between leads:


(1) A lead is sent a personalized link decorated with a unique key that identifies the viewer as a different lead.

a. Marketo creates custom links in emails in order to loop in tokens and other identifying data for the recipient, such that even if they are not cookied (or operating on an uncookied device) the underlying message can be personalized.

b. If a lead forwards an email with personalized links to a second individual, the first individual’s information will be retained in any underlying forms.

c. This kind of personalized link passing is almost exclusive to parties who know one another personally, often within the same company.


(2) A lead somehow inherits the cookie of another lead.

a. Local personalized information is stored on user devices via the Marketo “Munchkin” cookie, which is placed on users machines after visiting any Marketo asset. Once the lead is known to Marketo, this cookie is filled out with their information as it exists in the Marketo database.

b. If one user enters identifying information into a form on another user’s machine, the second user’s cookie will be updated with the first user’s information.

c. This is a sub-case of the personalized link scenario above, which essentially passes updates the recipient’s cookie when forwarded


Unfortunately I've also been told that the only way to prevent this is to disable form pre-fill under the Admin setting for landing pages, and this only works on the sender side, e.g. if the person's browser has pre-fill enabled, you could still get this scenario. Does anyone have a suitable workaround?