Screen Scrape Diaries, Part 1

Screen scrapes and spam traps — sounds like something out of science fiction. Unfortunately, it’s a cold, hard reality — one with which each of us needs to be familiar if we’re to avoid pitfalls in email marketing. First, the definitions:

  • Screen scrape — A nasty practice employed by spammers. They write a little program (called a spambot) to crawl over Web pages looking for email addresses. Loads of pages contain email addresses just waiting to be scraped — author bylines, “contact us” links, and so on. Spambots typically harvest email addresses for spammers, who in turn mail offers for Vi^gra, various body-part enhancements, and ingenious (if dubious) money-making methods to those addresses, all from the comfort of their own homes.
  • Spam trap — The practice of specifically placing an address on a Web page (usually an address no individual uses, such as intended to get sucked up by screen scrapes. The spam trapper monitors that address for incoming email, secure in the knowledge anything received at that address is spam. The address clearly did not opt in to any list but instead was obtained by a spambot.

Right about now, you are probably saying, “Fascinating, but what does it have to do with me? Isn’t this the realm of criminal spammers and antispam fanatics? What’s this got to do with legitimate marketers mailing to legitimately obtained addresses?” Therein lies the rub. So-called legitimately obtained lists aren’t always so legitimate. There have been countless claims of list owners and list brokers padding lists with spambot-obtained addresses. Who’s to say some of these addresses aren’t in one of your (or my) campaigns right now?

I hasten to add a fully double opt-in (also called confirmed opt-in) list would never have this problem. Even if someone added a name obtained by screen scraping, no human being at the other end would confirm the subscription. So that address would never be added to the list. Although a fully confirmed opt-in list produces the best return and the best response and is considered first class, a single opt-in list is often part of the picture. Be aware when dealing with a single opt-in list: Although many subscribers may be humans who voluntarily subscribed, bad addresses could be in the barrel as well.

How are we to protect ourselves? Easy. Set up your own spam traps. Head right over to your tech department and set up an email alias no one uses. Put a “mailto” link to that email address on a Web page that gets a fair amount traffic (for instance, post some messages to popular bulletin boards, placing that address in the body of the posts). Monitor the address for incoming email. You’re sure to see an immediate influx of spam. What you don’t want to see is one of your own campaigns. If you do, it’s time to talk to your list broker. You’ve been ripped off.

To prove my point, I’m going to seed this page with a few spam traps of my own. In a future column, I’ll publish some of the beauties I receive in their entirety. Will we see some campaigns from companies that thought they were buying legitimate lists? I’ve got a hunch the answer is yes. You’ll have to tune in next time to see.

Of course, this won’t work if readers go ahead and add these addresses to their competitors’ lists in the hope of embarrassing them (again, if you have a confirmed opt-in list, this can’t happen to you). So please, I’m asking everyone to be on their best behavior and not do anything with these addresses. Let the spambots come and get ’em. (Just in case, I’m secretly seeding a couple of additional addresses elsewhere.)

Got a question? Think I’m full of it? Let me know — send me email!

Related reading

Flat business devices communication with cloud services isolated on the light blue background.