Training recipients

Want to see a WWF style smackdown? Put a marketer and a delivery expert in a room and ask them to discuss frequency and whether or not more mail is better.
The marketer will point to the bottom line and how much more money they make when they increase frequency. The delivery expert will point to inbox rates and user engagement and point out that too much mail drives users to ignore the mail.
This isn’t actually unique to marketing mail. Send a lot of mail that doesn’t engage recipients and recipients are trained that they don’t have to actually pay attention to the mail. Some of them hit delete. Some may even report the mail as spam.
According to Cloudmark, this is exactly what happened when LinkedIn informed users of the recent data breach. They estimate that up to 4% of users who received the fully DKIM authenticated mail about the data breach deleted it immediately without reading it. This is higher than notification emails from other social networks.

Cloudmark suggests that part of the problem is that LinkedIn has an unclear opt-in process. Instead of asking users for preferences, LinkedIn assumes that all users want all the mail LinkedIn cares to send them. Then LinkedIn makes it difficult to find the page to change mail settings. This means recipients are very trained to ignore mail from LinkedIn. I know I ignore most of it. Anything that’s not a “want to connect” gets filed in the “I’ll read it when I’m bored” mailbox. So far I’ve not been bored enough to read any of it.
But I’m not sure it’s just about too much email. LinkedIn is a company that is heavily forged in phishing mail. Since May 1, just one of my email addresses has received over 50 messages purporting to be from LinkedIn.

Mailbox Screenshot
Phishers like to forge LinkedIn
All of these emails are phishing attempts. The mailbox you’re looking at is not registered at LinkedIn. None of them are legitimate LinkedIn messages. I suspect part of the problem and the reason that so many people treated the mail LinkedIn Password mail as spam is that the phishers have trained recipients that unexpected mail that mentions LinkedIn and a password is spam. I suspect most people never even opened the mail from LinkedIn. They saw the subject line, and just hit this is spam.
Authentication, careful wording, and all the right things LinkedIn did with the email doesn’t matter because there was nothing in the message list to distinguish this mail from all the phishes.

Related Posts

Happy Mailman Day!

For people who are on many discussion mailing lists, the first of every month is “Mailman Day”, and has been for nearly a decade.
Mailman is the most widely used mailing list manager for discussion lists and, by default, it sends email to all subscribers on the first of the month reminding them that they’re still subscribed to the list and how to unsubscribe. This is really useful, as I’m on some mailing lists that haven’t had any traffic other than the reminders in a couple of years, but it does mean that my mailbox looks like this this morning:

Discussion lists sending reminders is a close parallel to our usual recommendations for bulk mailing lists to send something at least monthly, so that recipients remember who you are and that they’re subscribed – and so that recipients who have vanished bounce that mail, so you can eventually remove them from your mailing list. (We’re not suggesting that you send a “this is a reminder” mail monthly – create some real content and send that).
Mailman Day also means that if you’re sending mail to a technical/internet-savvy demographic and you choose to send it first thing in the morning of the first of the month, you’re competing with a lot of noise in your recipient inbox. Unless you’re mailing daily it might be worth shifting a day forward or backward to avoid that conflict.

Read More

Where do subscribers come from?

Do you know all the ways subscribers can get on your lists?
Are you sure?
I recently used the contact form belonging to a marketing company to inform them that someone had stolen my email address from their database and I was receiving spam to the address only they had.
They had an opt-out link on the form, allowing me to opt-out of personal contact and a demo of their product. But that opt-out didn’t translate to not adding me to their marketing list.
When I contacted the person who was talking with me about the address leak, he told me it was the contact form that led to my address ending up on their marketing list. I asked, just to make sure, if I did remember to check the opt-out link. He confirmed I had, but there was an oversight when they updated their contact page and there was no opt-out for marketing mail.
I believe that the majority of delivery problems for real companies that “only send mail with permission” come from these types of oversights. The biggest problem with these oversights is how long they can go on until companies notice the effect. With the overall  focus on aggregate delivery statistics (complaint rates, bounces, etc) oversights like this aren’t noticed until they cause some massive problem, like a SBL listing or a block at a major ISP.
The company involved in this most recent incident was very responsive to my contact and immediately corrected the oversight. But there are other companies that don’t notice or respond to the notifications individuals send. This leads to resentment and frustration on the part of the recipient.
Every company should have at least one person who can account for every address on their marketing list. Who is that person at your company?
 

Read More

Opt-in vs. opt-out

Jeanne has a great post up at ClickZ comparing the performance of mail to an opt-in list to performance of mail to an opt-out list.
The article looks at opens, clicks and click through rates over 7 quarters (Q1 – Q4 2010; Q1 – Q3 2011) covering 330 million emails. I strongly suggest anyone interested go read the whole article.
The short version, though, is that the opt-in lists had more opens and more clicks than the opt-out lists. In some quarters it was double the number of opens and clicks.
This data is a strong indication that opt-in lists perform much better than even the best opt-out lists.

Read More