What’s with all those high click rates lately?

Article detail for Actionable insights for your store:

Great question. It actually has something to do with bots.

A bot-click, also known as a server-click, is used to verify the safety of an email. If inbox providers think your email is potentially spammy, they’ll send bots to click on and verify your links.

To identify bot-clicks, check out the profile event data. “Bot Click = false” means a human clicked the email.

As a side note, SMS can also have bot-clicks because of link previews (a standard feature on most iOS and Android devices). In order for the link preview to be generated, devices will bot-click the link to retrieve the preview image and present it in the user’s messaging app. Bot-clicks can also originate from carriers and providers that examine message content for compliance.

What to do about bot-clicks graphic


Let’s cover a few of your questions for more info. 

Q: Why the jump in click rate data now? Is the significant increase in May something we can expect to level out? Or are we going to be dealing with this kind of elevated metric forever, similar to the impact of Apple Privacy Opens?

A: Klaviyo just released this new metric in May (and only shows data since April), so that’s why it looks like a spike. Plus, bots are becoming more and more prevalent while ESPs are increasing their focus on sender reputation/deliverability.

Click bots have been around behind the scenes for a long time, but we haven’t been able to track their data until now. Currently, Klaviyo is working on ways to filter out click bots in their analytics.

Admittedly, predicting click-bot patterns is difficult, but we do need to accept that they aren’t going away. There’s no way to completely eliminate bot-clicks – even highly reputable brands receive some.

One important data point to keep an eye on is the ratio of human clicks to bot-clicks. If bot-clicks become equal to, or even more than the amount of human clicks, you can bet there’s one or more of the following problems with sender reputation/deliverability:

  • List health issue
  • Emails going to spam
  • You’re on a blocklist 

At this point in time, there are no metrics for what a good ratio might be, but obviously the fewer bot-clicks, the better.

Q: Have other ESPs besides Klaviyo commented on this issue? Or even the inbox providers themselves?

A: Yes, there’s been some general chatter about the issue. Here’s a summary of what we found:

  • Bot-clicks have been going on for a long time in the email marketing (and ad) industry. It’s especially prevalent in the B2B space but is now ramping up in B2C. As mentioned previously, we weren’t able to track it until now (thanks to Klaviyo releasing this new feature). Domains like Gmail, Outlook, or Yahoo tend to be less affected, but everything hinges on sender reputation/deliverability.
  • Bots are actually common to have, but not to the extent where bot-clicks start outweighing human clicks. Thankfully, this is something we can monitor and be proactive in preventing. 
  • With the rise in phishing attacks these past few years, security is continuously being tightened in every way possible (Gmail’s recent sender requirements, for example). Unfortunately, there’s no way to completely prevent bot-clicks, largely because they’re a security measure). However, with Klaviyo’s new data feature, we’ll at least be able to track bot-clicks and keep an eye on the human-to-bot-click ratio.  

Q: Are there any steps we can take to reduce the number of bot-clicks?

A: Definitely! And we’re happy to help if you don’t want to go about any of this alone.

1. Set up dedicated click tracking with SSL.

    • This allows you to display your own domain on click-tracking links (as opposed to the default Klaviyo encoding). 
    • Instead of seeing trk.klaviyomail.com or trk.klclick.com (see below), it would show the brand’s name.
      Klaviyo encoding example

    • Inbox providers see these kinds of links as much more trustworthy.
    • Having the same root domain in click tracking links and the send domain creates an extra layer of validation. 
    • Tip: you must add the following 2 CNAME records to set up your dedicated click tracking domain.
      Click tracking example

2. Set up Brand Indicators for Message Identification (BIMI). In simpler terms, this just means displaying your logo in your email. This “small” step can actually help a lot: It enhances your brand visibility, improves brand trust, increases open rates, and even strengthens email authentication. Be aware that some providers, such as Gmail, require that the logo is verified to be associated with a specific company and domain.

Brands with a verified logo vs no logo

3. Clean your list on a regular basis.

4. Keep up consistent sending patterns.

  • Sudden spikes, or even decreases, in email sends can be seen as spammy. You’re more likely to get flagged for testing email links.

5. Use the right URLs. We recommend linking to pages on your site, versus anything external. And, just as a heads up, using a link shortener might catch the attention of a security tool. Adding an attachment can also set off the bot-click alarm. If you want a reader to download something, like product instructions, you may want to drive readers to your site first.

6. Doing all of the above also helps you maintain a healthy IP address and a healthy reputation with ESPs.

If we’re pretending this is an actual human vs. robots story (believe me, we are), then this is what we’d say: 

  1. Accept our fate that the bots are already among us, and that they aren’t going anywhere.
  2. We can live in peace by doing what we’re already doing: taking steps to ensure a strong sender reputation and overall good deliverability. 

Again, let us know if we can help