5 Ways Email Marketers Can Fight Phishing
As email fraud becomes more prevalent and the quality of phishing emails continues to improve, users are finding it much harder to distinguish between legitimate emails and fraudulent ones.
This is a big problem for email marketers. Not only do real phishing attacks jeopardize the effectiveness of legitimate marketing emails, but also the perception of phishing attacks will cause subscribers to be wary of your emails.
Here are five key ways email marketers can prove the legitimacy of—and preserve the trust in—their outbound messages.
1. Be consistent with the Friendly From.
An email’s Friendly From (the name and email address users see in the visible “From” header of an email) plays an important role in driving subscriber recognition. If the Friendly From in one email from your brand is different from what subscribers are used to seeing, they will be less likely to trust the message.
In the example below, Amazon’s emails normally come from the amazon.co.uk domain:
If you are signed up to receive Amazon’s local offers, the format is also consistent, always coming from Amazon Local and often with an offer-specific descriptor (e.g., “Beauty”):
So when Amazon deviates from one of these established formats, it is going to create concerns as to whether the email is legitimate, as was the case with this following example:
While this email actually was a legitimate one, recipients unfamiliar with this domain were far more likely to click their “mark as spam” buttons.
2. Encourage subscribers to whitelist your email address.
While many fraudulent emails spoof the legitimate sending domain (e.g., “email.sender.com”), others may claim to come from a corporate domain (e.g., “sender.com”) or a lookalike domain (e.g.,”email-sender.com”).
Encourage your subscribers to flag your email address as legitimate and notify them when your email address and/or domain changes, like American Express does below. This kind of communication helps increase subscriber trust in your emails and your brand:
3. Include content details only your company could know.
As a marketer, you have exclusive information about your recipients that phishers hoping to impersonate you do not. Consider including some of those exclusive details within your email to help recipients know that your message is genuine.
Santander had a massive issue with phishing and spoofing, which was destroying trust in their legitimate marketing emails. They made a number of changes to their program, one of which was to include the second half of the recipient’s post code in the top of the email:
PayPal takes a similar approach by using the subscriber’s full name:
4. Remind subscribers why you have their email address.
Recent research by DMA (UK) reported that almost half of consumers (47%) “sometimes wonder,” how brands got their email address, with a third (35%) “often” or “always wondering” this. This represents 83% of the total.
If email recipients do not remember signing up for your program, they are far more likely to treat it as spam. Remind them why they are getting your emails.
How, exactly? We like this approach from Firebox.com. Users are continuously reminded of when they signed up and why:
5. Prepare customers for a change in the look and feel of your emails.
A sure-fire way to create doubts about the legitimacy of an email is when its appearance changes unexpectedly. Customers learn to trust emails when they have a consistent look and feel. That trust is reduced if unannounced design changes occur.
Recently, Barclaycard changed the look and feel of its statements email program. Customers received emails to prepare them for these changes:
While there is no silver bullet in protecting your brand and email program from the impact of phishing, following tips like these is a step in the right direction.
Want to learn more about how marketers can fight email fraud and protect email ROI? Get The Marketer’s Guide to Email Fraud.
About Guy Hanson
Guy is a passionate advocate for intelligent use of customer data to drive responsive email programs. With a knowledge base that now spans nearly 15 years, he is a global e-mail expert and thought leader. Leading Return Path’s International Professional Services consulting team, Guy has worked with a broad range of clients across 5 continents to improve their email delivery, subscriber engagement and revenue generated. Outside of work, Guy is the Chairman of the DMA Email Council. In this role, he works with industry peers including brands, agencies, and service providers to promote the best interests of the email industry to a broader audience. He is also a regular contributor to the industry press.