5 (More) Ways Email Marketers Can Fight Phishing

Posted by Guy Hanson 

Last week, we discussed five key ways marketers can fight phishing and preserve the ROI of their email marketing programs.

This week, we wanted to offer five more excellent anti-phishing tips to implement at your organization.

1. Check your spelling!

People distrust emails with spelling or grammatical errors—and rightly so. Slap-dash emails are usually a sign of spam and phishing.

Senders of legitimate emails have a duty to ensure their emails are correctly presented so that recipients aren’t left guessing whether or not to trust the message.

Last year, Return Path reviewed French marketing email programs during the Valentine’s Day period. In French, the correct spelling of the holiday is “Saint Valentin.” However, we saw many instances of poor case conversion, as well as non-standard characters (e.g. “saint valentin”, “SAINT VALENTIN”, and “Saint?Valentin?”). We analyzed the variation in campaign performance between the correct and incorrect presentations:



Average read rates where “Saint Valentin” was correctly presented were more than twice as high as the read rates of emails that contained an incorrect presentation—and mailbox provider filtering rates were more than a third lower.

2. Avoid “spammy” words

While filtering based on so-called “spam trigger” words is now far less prevalent, there is a broad range of words that email subscribers consider to be spammy, making them less likely to engage with emails that use these words. Here are some of the most common ones:


You can read more about spammy words in this blog post.

3. Don’t be an alarmist

A favorite phishing tactic is to create a sense of urgency or panic. Legitimate emails run the risk of being viewed as fraudulent when the message feels aggressively urgent.

We saw a graphic illustration of this phenomenon with Just Eat recently. The email program had been the victim of a phishing campaign. The Just Eat brand team decided to send out a service announcement to make customers aware of the scam.

The email itself was excellent with examples of the fraudulent emails and practical advice of what to if a Just Eat customer received one of these emails.


However, the subject line of “Important Customer Information Update” came across as spammy to customers. Compared with a benchmark spam complaint rate of just 0.01% overall, this particular message generated an extraordinary 3.14% spam rate.


4. Don’t be lazy with transactional emails

A common problem we see is that the polish and care applied to marketing emails are not always reflected in the transactional emails. The National Lottery provides us with a good example of this:

image08 image11


Making matters worse, these transactional emails are also failing two common authentication tests, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail):


Both the presentation and the authentication failures make these legitimate emails appear to be spam. Email program owners should re-visit their transactional email design and process to ensure the quality of their presentation is consistent across the brand.

5. Educate your users

Finally, educating your customers about phishing is a great preventative tactic. This example from Expedia sets subscriber expectations in terms of what types of requests the company will typically make of customers:


Expedia’s approach ensures subscribers will be more sensitized to unusual requests and less likely to fall victim to them as a result.

Want to learn more about what your marketing team can do to fight phishing? Get “The Marketer’s Guide to Email Fraud.”

Author Image

About Guy Hanson

Guy is a passionate advocate for intelligent use of customer data to drive responsive email programs. With a knowledge base spanning the best part of two decades, he is globally recognized as an email expert and thought leader. Most recently at Return Path, Guy led a global consulting team, and worked with a broad range of world-famous clients across 5 continents to improve their email delivery, subscriber engagement and revenue. Now blazing a new trail as an independent consultant, Guy is continuing to explore his passion for email and data – and sharing his knowledge – through appearances at flagship events, providing training, and regular fresh new thought leadership Outside of work, Guy has had long-term involvement with both the DMA and IAB email councils, been a regular contributor to the industry press, and is a 3-time finalist as data storyteller of the year!

Author Archive