#63 - We Got Hit w/ a List Bomb

One of the accounts we were managing got hit with a list bomb over the past couple of weeks.

Thousands of bot/fake emails flooded our list through the Shopify checkout page, all armed with a variant of ‘name’+’random string of numbers’.

So between all the busyness, thought I write you a no-fluff newsletter, which gives you a brief run through of what we noticed/how we noticed it, and what we’re doing to remedy fix it should you run into this issue (knock on wood you don’t).

First of all, here’s what Klaviyo defines ‘List bombing’, for context (you can also check out the full article here for reference)

Our specialized NCA (welcome) flow plummeted to sub 10% open rates, with a whooping bounce rate of 7% in the short time it was running.

This is a HUGE problem, solely because if left unchecked, would cause our deliverability to plummet, and possibly causing our campaigns/flows to land in spam as a result.

So how did we notice it?

Enter List Growth.

See the slightly unnatural spike in there? There was no change in traffic, offer, pop-ups and everything in between, which made us slightly suspicious.

Suppose that’s a round about way of saying always keep a eye on these things - super easy to overlook, but ‘missing out’ on it for 2 months is surely going to spell disaster.

For now, we’re excluding all emails with a + in it (better safe than sorry), that have not opened any emails over all time that come through a certain list.

Additionally, we’re also getting the brand’s devs to see if we can set something up to weed out those bots.

Crazy times we’re living in. Don’t get caught with your pants down.