Your email list is growing at a record pace. But, if it seems like it could be too good to be true -- there's a good chance it is

You're right to feel skeptical when you notice an influx of subscribers. At a glance, you might notice some email addresses that look a little off.

Weird domain names, repetitive email addresses, and number sequences can all be an indication of spam.

Using a database riddled with spam emails can severely damage your sender reputation, which will make it harder for your emails to reach your actual contacts. Unfortunately, once the damage is done, it’s very hard to recover. It’s better to prevent spam emails from getting into your database in the first place.

We spoke with Jacobo Vidal Abeigón, the co-founder of Arengu and an expert in preventing fake sign-ups. In this interview, we cover:

  • How fake sign-ups have a detrimental impact on B2B email marketing campaigns
  • How to spot spam email addresses and prevent them from damaging your sender reputation
  • Why spammers attack lists in the first place
  • How you might be unknowingly attracting spammers
  • How to reduce fake email sign-ups

We can help you clean your list and protect your sender reputation. Want to see how it works? Request your free data check today.  

The dangers of fake sign-ups

Fake subscribers do more than just clog up your email database. According to Jacobo, here are some of the other dangers involved with using a contact database full of spam.

1. Damages your domain reputation

Spam email addresses either don’t exist at all or they don’t belong to real people. That means they’ll never be received (impacting open rates) or will bounce entirely. The more bounces you get, the worse your sender reputation becomes. Email service providers like Gmail, Yahoo, and Outlook will track actions taken on your emails and give you a sender rating accordingly. The lower the score, the more likely they are to divert your emails to the spam folder. The main factors which will negatively impact your sender reputation include:

  • Low open rates
  • High bounce rates
  • High volume of emails sent
  • High volume of unsubscribes

Three out of four of these factors are affected by spam sign-ups. It’s hard to recover from a damaged sender score, and it’ll hurt your deliverability across all your emails -- even transactional ones. You’ll spend time crafting content for your automated email campaigns that may never even reach your audience since it will end up straight in their spam folder. Since no one will see your emails, your open rates will be low, which will damage your reputation even further. You can see how this can become a domino effect.

2. Wastes time

Your marketing and sales teams need to focus their efforts on converting real people. If you're working from a list full of spambot sign-ups, they'll be spending valuable time trying to contact people who don't even exist. A lot of time goes into building genuine and personalized connections with potential customers and, regardless of your industry, you can't afford to waste time unnecessarily.

3. Exposes you to fraud

One of the biggest dangers of spam sign-ups is fraud. Fraud is anything that involves wrongful or criminal deception for personal or financial gain. In this context, it could include:

  • Damaging your email campaigns by flagging them as spam
  • Exploiting weaknesses in your site
  • Gathering your email address to send you spam
  • Taking advantage of freebies (free trials, coupons, and discounts)

4. Messes with your metrics

You already know that the better you measure and track your email automation metrics, the better you’ll control the results. But did you know that an email open rate below 15% is a very good indication that your emails might be going to spam? Keep an eye on patterns in your campaigns and any drastic changes in these metrics. 

Data muddied by spam emails make it harder to test variables and interpret the root of campaign successes or failures. You might end up interpreting this as a problem on your end, such as ineffective subject lines, useless content, or developmental issues with your product. In actuality, your real subscribers might love your content but the fakes are throwing off your metrics.

Incentivizing users to sign up to your #emaillist can help you increase your #conversions, but can also attract spammers. Check out our article for tips on how to balance increasing conversions while keeping out spambots:

Click to Tweet

Why do spambots attack lists?

According to Jacobo, the number one reason for fake sign-ups is fraud. There is an entire industry that operates by spamming, and they do so because of economic interests. As touched on above, there are many ways that spammers can use your email list for financial gain. It could be a competitor who wants to damage your marketing efforts by flagging your campaigns as spam. Or it could be someone taking advantage of your free offers.

Who is most prone to spam email sign-ups?

So, what is it that attracts fake sign-ups to your list specifically? While there are many reasons that you might be a target, Jacobo says these two incentives could make you more attractive to spammers:

1. Free trials

If you're a software or platform that is subscription-based, then it's likely that you'll offer a free trial. Free trials are an excellent way for people to get a feel for your product before investing in it. Unfortunately, people often exploit free trials.

Netflix recently phased out their free trials due to users signing up and then canceling before the 30 days were up. Then they would just repeat the process with a different email address. The same can happen with your trials but on a larger scale.

2. Sending coupon codes or promos for new sign-ups

A great way to generate leads is to incentivize people to sign up for your list by offering coupons, discounts, or special promos. Similar to free trials, people may take advantage of these offers by spamming your email list. It’s especially true if you're not adequately verifying the identity of those who are signing up for these offers. If you allow users to sign up just by entering their email then you have no idea who they are. Requiring additional identification, such as double opt-in or a phone number authentication, can help you verify that the user is real.

Both these scenarios can seem like a catch-22 since you want to increase conversions by offering incentives for sign-ups, but you also don't want to attract spammers intentionally. The key is recognizing when you're being attacked and taking steps to prevent fake email sign-ups.

How can you tell if you're being attacked?

Even if you notice some weird contacts in your list, it's possible people may have misspelled their details. So, how can you tell if it's a typo or if a spam bot is attacking you? Jacobo provides a few ways:

1. Look for queues in the email address

Often you notice at a glance that emails on your subscriber list could be spam. Some main indicators of spambots include:

  • Incorrect spelling or grammar
  • Sequence enumerations (1234, 6789, etc.)
  • Alias emails which all go to the same email addresses (Jacob+1@gmail, Jacob+2@gmail, Jacob+3@gmail)
  • Random letters or numbers jumbled up
  • Notable business names @ generic ESPs (,

2. Verify the email address domain

If an email domain doesn’t even exist then it’s obviously spam. That said, sometimes email addresses exist but they are temporary. Although temporary domains may bypass some verification processes, it’s very easy to detect them using an email verification tool once the email address expires.

Email verification tools can detect spambots using methods like OTP flow, which generates a temporary password and sends an email to check whether or not the email exists. They can also go more in-depth and determine:

  • If the email is on a blacklist
  • The IP address of the user that tried to sign up
  • If the user is trying to sign up to multiple sites at the same time

You might not have access to this kind of information, but email verification experts will. Some good options to look into include ZeroBounce and EmailListVerify (used by Mailchimp).

3. Use data cleansing tools

Regular email list cleaning using a data cleaning tool can help flag and eliminate fake sign-ups. Tools like tye can use data cleaning steps to standardize your contacts, eliminate duplicate sign-ups, and flag obvious invalid emails. It will flag email addresses with false domains (like or or those with inaccurate characters or symbols, so you can remove them from your list. 

4. Influx of sign-ups

If you get an unusually high number of sign-ups in a short period, wait before you celebrate. This is an indicator of a spam attack.. Especially if they’re within minutes or seconds of each other. Also, look for mass sign-ups from odd foreign domains. For example, if you're in the US and usually get .com domain sign-ups but suddenly have many sign-ups for domains, this could be a red flag.

What can you do to prevent fake email sign-ups?

While there is always a risk of fake sign-ups slipping through the cracks, there are some ways Jacobo suggests you can reduce them and support your email list hygiene


You've likely come across CAPTCHA many times while browsing the internet. Since spambots are unable to read any content within images, CAPTCHA can prevent them from entering your lists. CAPTCHA typically contains hidden elements (like cars, trains, stoplights) or hidden words within a picture which you will need to manually identify.

2. Honeypots

A honeypot is an additional field within a sign-up form that is invisible to human users. Since humans can't see it, they don't fill it out. Bots will detect this field within the code and fill it out, which automatically identifies them as spam.

3. OTP verification

OTP verification will verify email addresses by sending a one-time password to their email during the subscription process. It’s essentially a double opt-in. The user will then need to log in to their email inbox, get the code from the confirmation email, and use it to verify their email address.

4. Multi-factor authentication

Multi-factor authentication can link email addresses with phone numbers, making it much harder for spambots to get into your lists. For people to sign up, they will need to verify their identity through multiple steps. If you're a business that offers a free trial, you can also request credit card details to reduce the number of people who abuse it.

5. Social login

Implement a social login feature for sign-ups, which leverages the identity verification process of larger platforms like Google or Facebook. Users will need to login to their social platform account to sign up for your list. Jacobo says this is one of the most powerful ways that you can verify user identity because companies like Google already have an advanced process in place to check identity.

6. Use secure sign-up forms

Instead of setting up all the above verification methods, you can use software like Arengu to create entirely secure contact forms. Their sign-up form software enables you to create customizable forms that you can easily embed into your website. 

Their software automatically rejects 90% of spambots. It has API integrations with tons of applications like WordPress, Shopify, MailChimp so you can easily embed the forms whenever you need to. Using Arengu is the easiest way that you can prevent fake sign-ups without any complex coding.

Don't let spam emails impact your automated email campaigns

Spam email addresses clogging up your database can wreak havoc on your automated email campaigns. A damaged domain reputation is hard to salvage, so it's essential that you use tools to clean up your list and remove those bots before you start sending out your campaigns. Knowing how to spot a spam attack and implementing secure sign-up forms can reduce the impact that spammers have on your automated email campaigns. 

We can help you clean your list and protect your sender reputation. Want to see how it works? Request your free data check today.

Markus Beck

Markus Beck - February 16, 2021

CEO with a passion for data relationships. Markus is half Finnish, half Austrian & fully committed to helping businesses keep bad data from ruining great relationships. Process Engineer by training, with digital marketing & project management skills from previous jobs.