How to Keep Your Customers’ Contact Database Clean from Spam

In a moment when cyber-attacks appear to be ubiquitous and cybersecurity is trending outside of IT groups, it’s surprising how many organizations continue to pay little attention to combatting the threat of spam. Spam remains one of the more common cyber attacks and, although it’s unlikely it will drastically disrupt a business, it can be a frustrating issue and distressing to spend resources managing contact lists infected with undesired contacts. 

This can be particularly stressful for email marketers and business owners who depend on clean contact lists to reach the right prospects and customers and to drive deals, and this is also a part of a bigger cybersecurity shift plan: according to Gartner, by 2020 100% of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, up from 40% since 2018.

But how does it happen?

Imagine this scenario: There is a company called BusinessIdea whose website lists contact information like email and phone number available online and customers can also reach BusinessIdea through a contact form. Because emails are publicly available in plain text, BusinessIdea’s email is easily captured by a type of bot called a webcrawler for spam or sold in a database. 

And you may wonder… But why would someone want to hack my website? And, most importantly, how should I protect myself?

Why is my website being attacked?

The alarming answer is: because you have valuable information. Spambots are malicious software that crawls into websites to collect email addresses, phone numbers and other relevant online information like contact forms, chats, and websites, in order to build contacts lists that can later be sold. This will usually generate undesired emails (spam) and unwanted phone calls from shady call centers. 

One common way to impact websites is via contact forms. Usually, because they don’t have captcha or have low-security format’s quite easy for a regular person to break the barrier and send spam through codes available online, with 80% accuracy. In the case where a company has contact lists in sync amongst systems (like CRMs for example) and receives a spam email, it’s likely the spam contact spread those systems, contaminating the marketers’ and the new businesses’ performance.

This will also affect website performance, making it slower and in the most severe cases it will even discourage its listing in search engines, and thus making harder for customers to find the company.

How to keep spam away from your contacts

First of all – and before you even think about a drastic measure – let’s clear the air: no, you don’t have to remove your company’s contacts from your website nor delete your contact form. Also, if you don’t have a contact form on your website, you should have one – from the customer’s perspective is a superior experience and helps to break the first contact barrier. 

There are simple ways to protect yourself from spam, allowing humans to reach you and keeping machines and robots away. Here are some options to keep your contacts list clean and neat:

• Change how you share your business contacts on your website. Write your emails with “(at)” instead of “@” and phone numbers with spaces. You can also add captchas or a “view more” button to disclose the full contact.

• Captcha: Have sophisticated captchas on contact forms to force the sender to do some intelligence quiz to prove to be human. And you don’t have to use the typical distorted letters and numbers to prove the customer is human, because some of those are also impossible for humans to solve. Interestingly, one of the stronger captchas is the easiest for humans but difficult for bots to do – it’s just a checkbox configured on the website in a way the bots can’t find it but humans can see it. 

• Invisible Extra Field: This is called the honey-pot method, and it’s the opposite of the checkbox captcha. In this method, the bot finds a form or a checkbox to complete that humans can’t see. If that form or checkbox is filled when a form is submitted, then it’s a spam attempt and it can be deleted before it even gets into the systems. This is easily programmable on the website HTML, with several examples online to use or adapt.

• Double Opt-in: We all have been submitted a newsletter or signed up on a website and we have to go to our email to confirm we got the email. That’s the double opt-in method. In this case, spambots would easily complete the fill and submit the email, but don’t have the capacity to click on the confirmation link in the confirmation email.

• Website software: In WordPress, the most used software for website building in the world, there are some free and premium plugins that help to identify what is spam and filter it before it gets to your inbox. Also, premium ones have professional services associated.

• A person validating: Although it’s the most expensive option, nothing replaces human attention. In the office, one of the agents can validate if a specific new lead is Spam and should be ignored, or if it’s legit and it should be added in CRM as a new lead to follow up. In this case, there is a setting in which the contacts are not automatically synced and every new contact needs to be validated individually.

• If you have an email associated with a ticketing system, make sure you have protections in place to prevent spam contacts from creating tickets or receiving email from that address.

• Deploy a chatbot to interact with potential customers to gather their contact information for follow up by a salesperson and direct the user to sales resources on the website.

If you find strange or unwanted emails on your contact lists, verify your anti-spam methods are up-to-date and consider changing it. There are constantly new methods being released and some of them are easily adaptable. Even the most simple captchas can help, but you also have deeper methods for the most demanding spambots. You can always count on our team to help you keep your business safe from cyber-attacks and to help you clean your customers’ database clean.