Spamhaus for4 the win!

Typo Traps are Here!

7

SPAMHAUS logo As email marketers, we’re all aware of the presence of SPAM traps. Traditionally, these come in two flavors. “Honeypots” are SPAM traps that are posted to sites on the internet, but never actually sign up for anything. If a program finds the address while crawling the web and “scrapes” it, the email address will then be added to a marketing list, and possibly sold to an unsuspecting client. Because the only way for these addresses to appear in email marketing lists is scraping (which is illegal in some countries), they can have a huge effect on your deliverability. The other kind of SPAM traps are “recycled” addresses. These are email addresses that were once in use, but that have been dormant for an extended period of time.

In the last year, Spamhaus has created a new kind of SPAM trap: so called “typo traps.” These traps were introduced in December of 2012, as far as we can tell. They did not at first cause the IP to become “blocklisted,” but lately that has changed. Recently, GAP was blocklisted because of the many typo traps they hit in their mailing campaigns. This kind of SPAM trap is more about encouraging best practices than it is about catching those who send out massive amounts of SPAM or who harvest addresses. If you use the double opt-in method, this kind of trap shouldn’t be a problem for you at all.

What is a Typo Trap?

Typo traps are email addresses that contain common typos, usually in the domain. For example, “jennifer@gnail.com” instead of “gmail.com” for the domain name. Or “edward@yahoo.cmo” instead of “yahoo.com.” You can expect to find typo traps mostly on major email domains, like Yahoo!, Gmail, Hotmail, Outlook.com and AOL.

How are these Typos introduced into mailing lists?

According to Tom Mortimer of Spamhaus, they think that these mistakes are usually introduced when email addresses are being collected at point of sale. For example, if the cashier asks you to fill out an index card with name, phone and email to sign up for that company’s mailing list. The email might have been written down or typed in carelessly, or perhaps the customer just gave a bunk address.

Bunk addresses are also a large problem when a company requires an email address to gain access to something. For example, a form on a website requires an email address and name before offering a download on the next screen. If you want to use this kind of email collection, make sure to require a double opt-in before dispensing the desired content.

How can we avoid typo traps?

First of all, don’t buy lists! This has always been excellent advice, but never better than now. Using a double opt-in method will spare you from most typo traps, as no user will ever opt in from one of those addresses. If you’re collecting addresses at point of sale, try having customers enter their address using a digital device instead of hand-writing it down, and if possible send them a confirmation email immediately. On websites, another technique to reduce these problems is having an email confirmation field. These used to be a lot more popular. Essentially, you just have the registrant type their email twice and make sure that both of the form fields match before submitting the web form.

Author: Kyle Lapaglia

Author: Kyle Lapaglia

7 thoughts on “Typo Traps are Here!”

  1. Thanks for pointing this out. We’re adding a script to auto-correct the most common domain extension typos for .com, .net. and .org. We found almost 200 email typos from .com mistakes alone!

    1. I don’t agree with correcting the typos. Scenario: I make up a phony address, billybob@gmaiiil.com You go ahead and correct that to @gmail.com but don’t know that I totally made up the rest of it. You’ve either just started spamming someone who did not opt-in to your mailings OR may have just landed yourself in a SPAM trap.

  2. I have a couple of questions…does it do any good to report spammers to places like spamcop?

    Does it do any good to unsubscribe from spam?

    1. Unsubscribing from mail you get but no longer want is preferred. If it is truly SPAM, don’t interact with it at all, just delete it.

  3. Interesting stuff,

    You could look to add something to your form validation when a possible error is detected show a pop up “are you sure you meant jennifer@gnail.com?”

    Or maybe predictive completion so when type @g it’ll suggest @gmail.com like google does when you do a search. You can base the logic of the suggestions from your current database.

  4. how does the typo trap work for the domain level. If someone types yaho.com or yahoo.cmo, wouldn’t they need to have access to those domains to track it?

Comments are closed.