Spambots are automated computer programs that are built to find signup form code on your website or blog and submit fake information to your list.
Although a few of these signups aren't harmful, your list data can be negatively impacted by a large amount of fake information. Fake information skews the accuracy of your list statistics, which makes it difficult to know who your typical subscriber is or to tailor relevant content to targeted subscribers.
How We Prevent It
Our double opt-in method requires subscribers to confirm their subscription through an opt-in confirmation email. However, spambots can click links in email, too.
To prevent spambot submissions, we add a special reCAPTCHA checkbox to your hosted signup forms that spambots can't access. If you use the embedded form, we encourage you to enable reCAPTCHA in your Form Options to prevent fake signups. Subscribers will have to check the protected reCAPTCHA box to complete the signup process.
What to Look For
If you have a lot of addresses in your list, it can be hard to tell which ones are likely to be spam. Look for these characteristics that are typical of spam signups.
- The email address is a name, but doesn't look like a real name.
This can be hard to determine, but sometimes addresses just look fake. A strange email address, combined with these other characteristics, can suggest spam.
- First and last name fields are filled, but don't match the name in the email address.
Spambots don't always match list data to the email address. If the email address is a name, and the first and last names provided don't match the email address, it could be a spam signup.
- The signup source is Hosted Signup Form.
Due to the way spambots submit fake data, MailChimp notes their signup source as Hosted Signup Form in list data. Although this can be a legitimate source, if you only use embedded forms or the API to add subscribers to your list, you can safely guess that a signup from the hosted form is fake.
- The opt-in and confirmation IP addresses are different.
When someone signs up to a list, they generally submit their information and confirm their subscription from the same computer, which has one IP address. When a spambot signs up to your list, often one computer with one IP address will sign up to the list, while a different computer with a different IP address will confirm the subscription. If the IP addresses for opt-in and confirmation are different, then it could be a spam signup. Export your list to compare the opt-in and confirmation IP addresses.
How to Delete Spam Signups
If spam signups seem to have started around a certain time, create a segment based on the characteristics of spam email addresses and review it for further issues.
- Create a multi-part segment.
- Set the Subscribers match drop-down menu to all.
- For the first condition, set the drop-down menu to Date Added | is after | a specific date | and choose a date.
- For the second condition, set the drop-down menu to
Signup Source | source was | Hosted Signup Form.
- Click Preview Segment to see who meets the criteria.
Check the segment for subscribers whose names and email addresses don't match, or export the segment to compare opt-in and confirmation IP addresses. Compile a list of suspicious subscribers, and delete them.