While list growth is usually something to celebrate, a sudden spike in subscribers could be a sign of trouble. 

A spambot is an abusive computer program that signs up a large number of real or fake email addresses to thousands of mailing lists. They can cause issues with your reporting, sender reputation, and deliverability.

Symptoms of a spambot attack

Spambot attacks can significantly damage your sender reputation, and reduce your delivery rates. Typically, victims see an increase in spam complaints, bounces and unsubscribes, as well as decreased open rates.

Spam complaints increase when real email addresses are added by spambots without the owner's permission. Imagine your email landing in hundreds of inboxes of people who have never heard of you, or have no idea how you got their address. Some people may delete your email or unsubscribe instead of making a complaint, but this still negatively affects your sender reputation.

Even unopened emails are bad news. In email deliverability terms, low open rates are a clear signal that your recipients are not engaged with you, your brand, or your content. Lack of engagement is a factor in the delivery of future emails, and can even lead to your messages being blocked.

High bounce rates are another side effect of spambot signups. Sending to a list corrupted with hundreds of fake email addresses results in hundreds of "hard bounces". If bounce rates are high enough, then email servers may reject or block your emails entirely, and you could start to see bounces from legitimate recipients.

Identify and remove fake signups

As explained above, there are many signs to alert you of a potential spambot attack. If you think a spambot may be attached to your subscriber list, you should identify the fraudulent addresses and remove them.

Identify fake signups

In some cases, it's easy to spot fake signups because the addresses look very spammy. Or, you might see a batch of signups that share a common characteristic, such as a consecutive number string, a random alphanumeric string, or domains that contain the same word, for example:

• skitchonline.net
• skitchstudio.co
• skitchstudios.org
• skitchdesign.net

Start by exporting your email list​, including all subscriber fields so you can look for oddities. Here are some other things to look out for:

• A daily influx of new subscribers - A spike of new signups from the same domain at the same time every day, using addresses from free webmail hosts like Hotmail, Yahoo, and Gmail.
• Many signups within minutes/seconds - A large volume of email addresses added in an unlikely amount of time can be cause for concern.
• Invalid email addresses - If you're using a single opt-in list it's normal to occasionally collect invalid email addresses, but more than a couple for every 10-15 signups is a warning sign.
• Personal instead of corporate addresses - An uptick in @hotmail.com or @outlook.com subscriber addresses is normal for some lists. But if your business model is B2B and you typically attract corporate email addresses, this could spell trouble.
• Corporate instead of personal addresses - The opposite of the above situation; an increase in corporate addresses when most of your subscribers are personal.
• Sudden, frequent signups from foreign domains - If your subscriber list primarily contained .com addresses and you suddenly see, for example, an influx of .co.uk or .ru addresses, a spambot could be active on your list.

If you can determine a pattern, the next step is to create a segment using that pattern to isolate the fake signups. See the instructions below.

Isolate the fake signups on your list

You can build segments​ to isolate fake signups, based on information like "Date subscribed", "Name", "Email address", "Location", custom fields, or a combination of these.

For example, if a name, phrase or set of numbers are repeated in the signup details, you can segment them by creating a rule based on name or email, then choose "contains" as the condition.

Remove fake signups from your list

Instead of just deleting spambot email addresses from your list, it's a good idea to add them to your suppression list. After you've created a segment to isolate the fake signups, follow these instructions:

1. Click Lists & subscribers, then select your affected list.
2. Click Segments in the left menu.
3. On the "Segments" page, click the segment you created for fake signups.
4. Click Export segment below the segment builder to download a CSV file containing the fake addresses.
   
5. Click Lists & subscribers in the top navigation.
6. Click Suppressions in the left menu.
7. Click Add to suppression list, then copy and paste your addresses from your exported segment into the field.
8. Click Add to suppression list to confirm your changes.