Do you receive lots of emails each day offering to improve your Google Search Rankings, a spelling error that was found, a free digital audit or some other alarming issue with your website? You are probably wondering how they have found your website amongst the billions that exist on the internet too right?
Well, its simple, it is basically spam.
Guess what, even as a digital marketing consultant I receive them, some of them are funny. Thousands of emails are getting sent every day soliciting offers hoping that a few people take them up. Let me explain how it works.
How many spam emails are delivered every month?
Spam emails will arrive via your contact forms or email address shown on your website
You can Google the topic of ‘how many spam emails are sent every year’ and you’ll find there are different estimates about the volumes of email getting sent every day & the proportion that is spam. There isn’t a single repository that tracks, counts, measures or assesses email sending around the world so even as someone in the digital marketing industry I don’t know how accurate any of it is, you’d have to spend time assessing the sources to really know.
For every 12,500,000 emails sent there is one reply.
That is an estimate from TechRadar which to me is one too many. Obviously the logic that every spamming operation uses is to send countless emails because it costs nothing. So one customer can be enough.
Needless to say, email is the way most people around the world communicate these days, even I am guilty of using email instead of picking up the phone. As a society, we would probably also send an SMS before calling someone. So it has become an accepted practice. The Radicati Group’s email statistics report estimated that as of 2019 there had been 246 billion emails sent. While Statista’s report estimates roughly 306.4 billion e-mails were estimated to have been sent and received each day in 2020, with that number expected to increase to over 376.4 billion daily mails by 2025.
I know what you are thinking, who cares about all these numbers, it isn’t relevant to my business. Ok let me explain the relevance.
From this billions of emails the vast majority is just spam. Yes, that’s right, Statista’s report on spam emails suggests that from October 2020 and September 2021, global daily spam volume reached its highest point with almost 283 billion spam emails from a total of 336.41 billion sent emails around the world.
I know you just did the math, 84% of email being sent is just spam.
So now you can see where I am going with this right? Are all those wonderful offers to fix your website, rank you on the first page of Google or do social media management those wonderful from people who genuinely want to help you?
No, that’s the simple answer.
How to spammers get your email address?
Spammers, agencies, eMail list builders or even local digital marketing contractors will use a mix of tools available on the internet to find email addresses. The term is called ‘eMail scrapers’ and there are lots of reviews on the best email scraping applications that compare all their features or capabilities.
Essentially they crawl the internet and scan websites for email addresses, a tool like Scrap Box will make this task relatively easy. You can then create a list of email addresses ready to be used for your activity. Some of them are quite advanced and can target industries, domain names with particular keywords etc.
It doesn’t stop there though. Spammers, digital marketing agencies or freelance eMail list builders will also use what are called ‘bots’ to scan the internet looking for contact forms that will get filled in automatically to send spam emails. Another example can be a ‘Tell a friend’ button which may not be protected, a bot could use that to send thousands of spam emails using your SMTP email server.
In other cases they may have bought a list of domain name registration details so they send emails to the domain name owner with the assumption they are managing the website. Other ways could be you signed up for a newsletter, competition or requested an eBook where those details are sold. You have to check all the fine print to know where or how your email address might be used.
I am sure there are other shady methods, but you get the idea.
how to prevent email scraping from your website
The biggest reason that your email address gets scraped from a website is because it is easy to find. It is featured in the header, footer, in the body text or on the contact page. Therefore it is really simple for most email scraping tools to find it quickly and easily. So the best way to prevent email scraping tools getting your address from your website is to;
- Use a contact form: instead of displaying your email address on your website as plain text, use a contact form that is built into the page. This way, visitors can contact you without your email address being visible on your website. The other benefit of this is the contact form can be set up in different ways so that you know where the contact was made, capture the details that you want & even have tracking added so you can measure your conversions from visitors to your website.
Some contact forms will also enable you to add hidden fields or even Honeypot fields that will trap most bots from completing the form as well so it is another way of reducing the volume of spam.
- Use an email obfuscation technique: You can use an email obfuscation technique to hide your email address from email scrapers. This technique involves replacing the @ symbol in your email address with a special code or image that can be decoded by humans but not by automated tools.
- Use CAPTCHA: You can use CAPTCHA on your website’s contact form to prevent automated tools from submitting the form. This will reduce the risk of email scraping as it can either be forced to have someone check a box or do an image test which normally requires a human to intervene.
- Don’t use a mailto link: Instead of using a mailto link to display your email address on your website, consider using a text link or a button. This will prevent email scrapers from collecting your email address as it does a better job at hiding it. The other benefit of using a button is that it can be a clearer call to action for visitors of a page and it can be tracked so you know how many people clicked it.
- Use a robots.txt file: You can use a robots.txt file to block automated tools from accessing certain parts of your website, including your email address. This won’t prevent all email scraping, but it will reduce the risk.
- Use a web application firewall: A web application firewall can help protect your website from automated attacks, including email scraping. It can detect and block suspicious activity before it reaches your website.
- Use good eMail hosting: A lot of eMail hosting providers will include SPAM protection tools that will capture most emails before they even arrive at your inbox. There are worldwide databases of addresses or IP’s that are known SPAM sending locations that get flagged and then blocked. In other situations they can also see from the type of email or behaviour across hundreds of websites if they are sending the same thing to thousands of people. Together with the website based actions it can help reduce most of the spam even if it does come through your website form.
By implementing these strategies, you can reduce the risk of email scraping from your website. This is also the best way to stop spam eMails coming from your website to any of the contacts that are set up to receive enquiries. However, it’s important to remember that no method is foolproof, and determined email scrapers may still find ways to collect your email address as their methods are constantly changing.
how to stop getting emails from a website
If you know the domain where the eMail is coming from, for example email@example.com you can stop getting emails from that website in a few different ways;
- If you subscribed to an eMail list then the first thing to do is unsubscribe of course.
- If you still receive eMails, depending on what eMail client software you use, you can block any emails from that address or that domain.
- If the eMail still gets through then the next step is to go to your eMail hosting provider and put a block on the eMail address or the domain at the hosting level. Be careful though that you are 100% sure you never want eMail from any person at that domain though.
How to stop seo spam emails
Stopping SEO spam emails is very similar to the process I just described, using this example again firstname.lastname@example.org you can stop getting emails from that website in a few different ways;
- If you subscribed to an eMail list then the first thing to do is unsubscribe of course. Although be careful here, if you already know you never signed up, don’t click the unsubscribe or any other button in the eMail. This could be triggering a confirmation that the eMail address is active and add your address to even more lists.
- Depending on what eMail client software you use, you can block any emails from that address or that domain from coming through, you can trail your software this way.
- If the eMail still gets through then the next step is to go to your eMail hosting provider and put a block on the eMail address or the domain at the hosting level.
- If you notice the subject is always the same, then you can block them that way as well by filtering any emails with that subject to be deleted immediately.
Is it easy to spot a spam email?
For a lot of the digital marketing email spam they are not very sophisticated & in the majority of examples simply don’t come across as very professional. This is what to look for;
- Did the email get filtered by Outlook or gMail into your Spam/Junk folder? Sounds like a simple test, but this is your first indicator. The reason for this is because the larger email providers have databases that track spam addresses, locations or behaviour. So in most cases they will pick it up and flag it as spam.
- Is the email personalised? If it starts with Hi, Hello!, Greetings and doesn’t include your first name then in most cases it is a mass email blast that has gone generically to thousands of people.
- There is no unsubscribe button. The most obvious of all because firstly if you knew the person sending it to you they wouldn’t need this, but when the email isn’t personalised, you are in BCC and there are no unsubscribe or update your profile buttons you can tell it is a mass send. In fact the senders are breaking the rules by not including these options. Also if you do reply then they know your email address is real & being used, guess what, more spam for you 🙂
- Are you in BCC? This is a dead giveaway that it is spam that has gone to thousands of people. If they really knew about your business they’d address the email to your first name & you’b be the the only one on it.
- Can you see other email addresses in BCC? This is another dead giveaway that it is most likely spam.
- Are the font sizes, types, colours different when you scan the text? This indicates a cut/paste merge task that hasn’t been completed very well where different bits of content are mashed up to make the email before sending.
- Are the questions very generic? Sounds silly but if they are super broad questions then it is easier for them to send to more people. The smarter ones might say ‘I found this spelling mistake’ or something a bit more specific but in general they have no idea about your business or who you are.
- Has it come from a business address or a gMail/Outlook/Hotmail account? Spammers will generally use the large email providers around the world because of their size, capacity & to maximise the chances of the emails getting received. If they used their business name they’d get flagged as spammers pretty quickly. So they make up names, email addresses just so they can send their information.
- Is there a phone number, URL or any other way to validate who they are? Most likely there isn’t, so how can you take them seriously?
- Can you find that person on LinkedIn? Ok this isn’t fool proof because not every professional is on this social network. Although if they worked for a reputable company or agency you should be able to find them right?
Look, maybe some of them are super incredible, talented and can deliver incredible results. I just find it odd that this is how they need to go about finding new potential clients.
Types of spam email; Spotting website mistakes
The example above is fairly common. It’s really simple and they scare the website owner into thinking they have mistakes on their website. It’s a giveaway because if they really cared, had even looked or even knew about your business, surely they’d just tell you in the first instance right? They have also made the assumption that ‘website visibility is not increasing’, again this is all just fear tactics to prey on business owners who don’t know how to read or understand their website’s performance (read my free guide here)
In the example above they were referring to one of my clients and you can see below what their organic search trend is like. The report is a cumulative chart showing the steady increase in website traffic they are getting. Does this website have ‘web content related mistakes’ – well it might have, but the overall results are trending the right way.
For this client there was some digital marketing carried out on their website last year to get some of the on page SEO fundamentals right and make sure their Google Ads were targeting the right people, going to the right parts of their website. There hasn’t been any other ongoing work, but even with the clean up that was done, the results have clearly improved.
The ‘report’ they will be preparing is most likely going to be done using a generic website checking tool that looks as basic fundamentals & spits out a summary. It might highlight some things, but in most cases it will be too generic to be useful to every specific business. They provide it in the hope you will get them to ‘fix’ the problems.
Spam email offering help what to look for
Here is another common example which is a ‘offering help example’ where they offer to build a website & then do a follow up to those that didn’t respond to the initial email. There is no personalisation and notice they are asking to set up a chat or a call but they don’t provide any links or a phone number? Most likely the email is getting passed onto any number of agencies who are paying for the leads once they get someone acknowledge their email.
I said before, maybe some of them are super incredible, talented and can deliver incredible new website designs. I just find it odd that this is how they need to go about finding new potential clients. You can tell they are sending the same generic spam email to thousands of people hoping that a few of them respond.
Types of spam email; Offering SEO suggestions
The SEO spam email is probably the most common where they offer free suggestions. It is a similar technique to the ‘you have errors on your website’ where they prey on business owners who would like to get more visitors to their website. Notice how there isn’t any links to examples of their previous work, no reviews, no photos – nothing. They have to keep the emails simple and bare so they can get past the spam filters. Most likely they will use some of the free online SEO checking tools that do scans of a website to pick up fundamentals that might not be set up.
Types of spam email; Getting more website traffic
Oh now I’m getting repetitive, another spin on the same idea as the previous ones where they offer a free report, analysis, quote or something to help you grow your website traffic. There are lots more where they came from, take a look at the gallery below for some more.
Do they all seem familiar? That is what people around the world are receiving everyday.
How can you reduce the amount of spam email you get?
Here are some tips for reducing email spam
- Try to avoid using generic email names e.g avoid contact@, info@, sales@ because these are the simplest, easiest ones for bots to scan across the internet because everyone uses them. Consider something different or unique letsrenovate@ talktome@ etc
- Check what spam protection your eMail hosting service provides. For some people this may be Microsoft Office 365 or gMail which has their own systems to detect spam. You can ‘train’ your email software to always block certain emails.
- If your web host provides spam protection, what is it? In other situations your email might be hosted by the same provider as your website. I use Siteground’s web hosting and they use Spam Experts. You can actually go into your account and see how much is being caught, review the logs and block senders. Their service saves my clients from getting hundreds of spam emails daily, even I use it.
- Make sure your website has Google reCAPTCHA or other alternatives on your quote or contact forms.
- Don’t display your email address on your website.
- In your forms have Honeypot boxes or hidden fields which can sometimes prevent bot submissions.
- For anything you ‘sign up’ for, read the T’s and C’s carefully to know if your information will be sold.
- ‘Train’ your email software by flagging spam and/or blocking senders. This information is used by the email hosting companies to detect spammers.
- Read the Government advice on dealing with spam emails here
What if they say I have website errors?
So if you are wondering whether your website has errors, guess what, it might have. If you don’t have anyone constantly maintaining your website (or it wasn’t set up properly in the first place) then you could have errors that are reducing your chances of getting found online. That part is true.
Exactly what errors you have, if they are impacting performance or search rankings – well, that is a million dollar question because Google looks at over 200 different factors to rank a website. So even if a single link was broken or a heading was missing that probably won’t be the main reason you don’t get lots of traffic.
So how can you check if what they are saying is true?
- If you are confident, ask them for their ‘free’ report & see what it tells you. See if you can figure out what changes need to be made.
- Contact a digital marketing consultant like me you can have someone check it for you.
- Do both i.e. get their report & give it to a digital marketing consultant to review and give you an opinion or second point of view.
- Check your website yourself. Does every page load, do all the buttons work, do any links go to the right place etc
- Check your Google Analytics and Google Search Console reports, does everything look positive? Is Google Search Console reporting any errors in Site Submissions, Mobile Usability etc?
- Use an online website audit tool like the one from SEMRush that is available here I’ve put an example of the summary page from my website, yes I have some errors I have to fix! What these tools will do is run a very black/white test over the site and highlight errors.
A quick word of caution using automated reports that you find online or even from agencies. You could spit out a 98% score but the site may not be getting traffic. You have to keep in mind the report is doing a lot of very black/white checking, for example it checks if your website has a H1 heading on every page (great for SEO) although it won’t tell you if it is suitable, relevant or useful.
That is why you need a mix of tools and human intervention to look at your business, your website & work out what needs to be done to grow your website traffic or convert more visitors into customers.
So should you reply to spam email?
Do whatever you like, I’ve give you the tips & some of the tools you can use to try and assess the email. Best thing to use is your own common sense to figure out if it is worthwhile or not. Let me leave you with a few more examples to consider.
In this email I received an offer to run advertising for Rainbow Flag Australia with a promise of getting exposure to the 2.8 million visitors they get to their website. Using SEMRush I was given their estimate of around 800 people per month via organic search. While third party tools are not super accurate, it gives an indication at least. So that means the other 2 million or so must be coming from somewhere else, but where?
So I asked them to prove it, that was on the 22nd March & its now the 6th April, no answer at all even after two follow ups. Sure, I’m being aggressive asking for this type of information and I did it as a test to see what the response would be, but it goes to show that spam email can take many different forms.
By the way if you want to learn about assessing an advertising media kit proposal you might like this guide that I wrote here.