Warning: Undefined variable $blocknames in /nas/content/live/redsift/wp-content/themes/blank-child-theme/inc/blocks/cover-block.php on line 49

Warning: Trying to access array offset on value of type null in /nas/content/live/redsift/wp-content/themes/blank-child-theme/inc/blocks/cover-block.php on line 49
Taking one step forward and two steps back with the spam problem - Red Sift Blog

Taking one step forward and two steps back with the spam problem

Just as it seems we’re getting a handle on soaring levels of spam emails a key tool is changed for the worse

By the end of Q3 this year, just under 60% of email was deemed spam. That’s almost two in every three emails being a nuisance, or potentially dangerous to global email users. Businesses really don’t want to contribute to the problem by creating “noise” in people’s inboxes, instead we want to focus on improving deliverability and ensuring our customers receive relevant communications from us.

Most companies, and in particular marketers, rely on bulk email services to manage the distribution of our email messages, and until now, we’ve had one provider in our corner, doing its best to reduce unnecessary emails flying about the internet.

Monkeying around with email

However, in October, MailChimp, had a change of heart about its opt-in settings for subscribing to emails, moving from a double opt-in process, to a single.

So what does this mean? By changing subscription settings to a default single opt-in, a person now only needs to enter an email address and click subscribe to join a MailChimp list. Compare this to the double opt-in method — where a subscriber had to verify they wanted to subscribe via responding to one-off email they received — and you can see why “spam” email volumes may quickly increase.

The omnipresent GDPR

Needless to say by removing this verification process, people weren’t happy. Double opt-in is a necessity to prove consent was actually obtained from an email address owner under the upcoming GDPR regulations. MailChimp’s change provides an array of possibilities for hackers and bots to easily access newsletter subscriber lists, meaning you could see hundreds of new emails in your inbox daily. Facing backlash in Europe specifically, the company decided that if the primary contact address was in the EU then existing forms would remain double opt-in. Great news for .co.uk email addresses, but what about users of Gmail where it’s difficult to determine location?

An e-mail u-turn

The incident brings to light the ever present dangers facing email security today, as well as the battle that so many brands face with email deliverability. MailChimp argued that double opt-in rates have slipped to 39% and that consumers no longer expect this step. While this may be true, the industry trend hurts privacy and security and goes against what the service had previously stated about the importance of authentication.

It wasn’t so long ago that MailChimp lauded double opt-in as a safeguard against bots, scammers and everything in between. This new default behavior does quite the opposite, and although opt-in will increase in the short term, longer term organisations using MailChimp will likely face an increased number of people unsubscribing from email lists. Furthermore, we’re likely to see spam rates soar as a consequence. Single opt-in enables spam bots to plug your email address into any number of sign-up lists and and in effect, DDoS your mailbox.

There’s very little that users and security advocates can do about this — taking a corporate stand and dropping the email provider is one option, but in an industry where double opt-in is a rare practice, how easy is this option? We’d love to hear your thoughts on the MailChimp saga, or indeed any spam-related news — team@ondmarc.com.

PUBLISHED BY

Clare Holmes

27 Nov. 2017

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more
Email

Navigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…

Rebecca Warren

In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity.  In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…

Read more
Email

Where are we now? One month of Google and Yahoo’s new requirements…

Rebecca Warren

As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty.  At the end of January 2024, one-third of global enterprises were bound to fail the new…

Read more
Cybersecurity

Your guide to the SubdoMailing campaign

Billy McDiarmid

A significant number of well-known organizations have been attacked as part of what’s being called the SubdoMailing (Subdo) campaign that has been going on since at least 2022, research by Guardio Labs has revealed.   The scale of execution of this attack is staggering, and the impact is hugely damaging, but the goal is simple…

Read more