Login Enterprise
Speak to an Email Marketing Expert
877-789-ELITE (3548)
 

After all your hard work creating and optimizing what you thought was the perfect promotional email, there’s nothing worse than checking in, only to see your open rates are deep in the tank. For many brands, this nightmare becomes a reality quickly, often for some of the most preventable reasons. If you’d like to skip the disappointment and keep your messages out of readers’ virtual trash cans, here are five easy mistakes you’ll need to avoid as you make your way toward a powerful, and successful, email marketing campaign.

Succumbing to Link Overload

Think of the last time you cleaned out your spam folder. Chances are the messages in this portion of your inbox ranged from the stereotypical – foreign royalty asking for a small donation in return for riches – to the downright odd. However, one of the common themes across most of these spam emails is an overabundance of links within the message body. With many spam filters honing in on link overload, if you want to stick around in the inbox, you’ll need to pick and choose your hyperlink battles. Try to keep your linking to a minimum if possible, focusing only on redirecting to landing and promotional pages. It might seem like a wasted opportunity to not link back to your page throughout the message, but based on the direction major email service providers are taking these platforms, it’s your best bet for dodging an unwarranted trip to the spam folder.

Unnecessarily Promotional Subject Lines

If you’re a regular reader of this blog, you know that subject lines can make or break your chance at connecting with a customer in an instant. But what if your viewers never even get a chance to hear your promotion out because the subject line of your message makes it suitable only for the digital trash can? Unfortunately, overly promotional or overtly sales-focused headlines often earn a ticket straight to the spam folder. To put the brakes on this problem, tone down the numbers, capitalization, and forceful words – think “hurry now,” “open immediately,” etc. – so that your message doesn’t look like it belongs with the rest of the spam folder riff-raff. Instead, keep things simple in your subject line and focus on indentifying the valuable content held within your message. This way, you’ll avoid the wrong part of your audiences’ preferred email clients, in addition to giving them a great reason to keep reading on once they receive your email.

Emails with Too Much Text

While spam filters probably won’t screen your messages based solely on the length of content within, that won’t stop readers from marking incoming emails from your brand as spam after opening something that’s better suited for a library shelf. Essentially, readers only spend about 15 to 20 seconds on each message, so if you go overboard with the length of your message, it’s hard to expect a favorable response from your audience. Unfortunately, there’s no defined ideal message length, so the answer to this dilemma is a bit murky. A good rule of thumb to stand by if you’re unsure about the appropriateness of your email length is to ask yourself a simple question – if this message found its way to your inbox, would you take the time to read it? If the answer is closer to trashing it and blocking the sender than it is to an emphatic yes, it’s time to do a little trimming with your content.

Attachments Only Cause Problems

At first glance, this section probably sounds like it belongs on a dating advice site and not a post about keeping your emails from being caught up in a spam filter. However, if you really want to keep your marketed emails in the clear, skipping attachments is your best bet. Sure, it might seem like a great idea to attach that infographic or eBook you’ve worked so hard on to every email, but this is a major red flag for plenty of email service providers. Instead, after taking a little time in the message to explain the value of these offerings, let your selective links lead back to this content via landing pages. This way, you’ll skip the spam folder and boost site visits at the same time.

Know When Enough is Enough

Tenacity is often a key part in any marketing operation. However, when it comes to your email initiatives, constantly targeting and messaging people who have bounced repeatedly is a recipe for disaster. Not only are you building ill-will with someone who’s simply not interested right this moment, your brand could also face a spot on Gmail, Yahoo, or another email giant’s blacklist – something far worse than ending up in the spam folder. Thankfully, if you can toe this line, while also keeping up with everything else you’ve learned from this post, there’s nothing that can stop your next campaign from being a smash hit with interested audience members around the globe.

Inbox vs. Spam Folder

 

CASL is coming! CASL is coming! CASL is coming!

What does this mean?
How does this affect me?
What do I have to do?
When should I start preparing?

These are just some of the many questions I have been asked by businesses, nonprofits, and every other type of organization that uses email or SMS text messages to communicate with Canadians.

People are left with lots of questions, but don’t seem to be getting a lot of answers. Myself and the team at Elite Email knew we had to fix that!

There cannot be this new piece of legislation that impacts every marketer with penalties to the tune of millions of dollars, that people do not understand. After all, it’s really hard to comply with something, if you do not understand what you’re complying with, or what compliance would look like.

I had previously written a blog post to help people understand CASL, but now with the July 1, 2014 date looming closer and more organizations placing “CASL compliance” higher on their radar, I knew there was an urgent need for something more comprehensive. People needed one detailed source of information to help them understand the new law, but, even more important than that, give them a step-by-step plan on the road to compliance.

With that being said, I am happy to announce that after a tremendous amount of effort, today we are releasing Elite Email’s CASL Survival Guide.
CASL Survival Guide

 
The guide is available online (as web pages), PDF, and ePub/eBook format.

It covers all the essentials including:

  • Overview of CASL
  • Final Regulations & Recent Modifications
  • CASL’s Bite / Penalties
  • CASL Requirements
  • In-Depth Look at Consent
  • How to Prepare for CASL
  • Will CASL Ultimately Be a Good Thing?

The actual legislation is a massive document that you can read here if you happen to have a lot of time on your hands and enjoy deciphering cryptic language. But, if you want to get all the information written in language you can understand, then this guide is for you!

I also want to take a moment to thank all the people involved in putting this document together. It was a true collaborative effort and the final results clearly shows everyone’s desire and drive to make this the best CASL resource that exists today.

I hope this guide is a great resource to everyone that will help prepare your for the post-CASL era of marketing to Canadians.

 
For the most complete information about CASL (Canada’s Anti-Spam Legislation)
please review the complimentary

Elite Email CASL Survival Guide

If you’re an email marketer you have undoubtedly heard of CASL, which is the acronym for “Canada’s Anti-Spam Legislation”.

Does this new set of rules apply to you? YES!
Do you need to care about it? YES
Do you understand it? Well, uhh, hmm, kind of, maybe….

There’s lots of information about CASL already available online, but a lot of it is complicated, often riddled with legal jargon, and frankly just not written in plain English so you can gain some sort of handle on what this is all about. That is why we have customers calling us and saying they’ve read all about the new laws, but don’t understand it and are more confused when they started.

Let’s fix that and get you up to speed on the who, what, where, when and why of Canada’s Anti-Spam Legislation!

What is CASL (Canada’s Anti-Spam Legislation)?

CASL is the Canadian Government’s new weapon (or so they hope) in the fight against spam. It outlines new requirements and rules for how commercial electronic messages (CEM) are sent. The highlight reel for the goals of CASL are to prohibit:

  • Spamming (…I’m a prince from a far off land, can I borrow your bank account to park my billions of dollars…) [section 6]
  • Hacking (… imagine what I could do if I controlled your computer…) [section 7]
  • Malware / Spyware (…you didn’t know it, but you just installed a program on your computer so prepare for nonstop pop-up banner ads…) [section 8]
  • Fraud (… this week we’re having a 75% off sale… but surprise, it’s really only 15%….) [section 75]
  • Harvesting (… I’ll build a big email database by grabbing every email address ever published on the web…) [section 82 (2)]
  • Privacy Invasions (… I’ll just help myself to all of your personal information even without your permission…) [section 82 (3)]

The stated purpose of the law is: “An Act to promote the efficiency and adaptability of the Canadian economy.”

Does This Law Affect Me?

Are you sending email from Canada? If so, the answer is yes.

Are you sending email to anyone in Canada even if you are located somewhere else? If so, the answer is yes.

The reason CASL could have a huge impact is because of this second question. The law is not just limited to Canadians, it takes effect any time a Canadian computer is used to access the email (or any commercial electronic message). So, if you’re in the USA, but your email newsletter also goes to those north of the border, then all these rules apply. Even if you’re somewhere overseas, the claim is that CASL is still in force.

This is what Andrea Rosen, the CRTC’s chief compliance and enforcement officer said:

If the spammer is offshore, we have the ability under the law to co-operate with foreign governments, to share information and to bring proceedings together against individuals that are offshore.

I don’t want to go into this quote too much…. but…. (please read this with the highest degree of saracasm)… good luck Canada!
I look forward to hearing about the case: CRTC vs. Random Spammer X located in a cave in a far off land sending emails about the best ways to enlarge your (use your imagination)

The funny thing is that all those “buy drugs from Canada” spam messages we receive usually aren’t sent from within Canada, so the enforcement is going to require this offshore cooperation. Again, good luck Canada!

It should be noted that there is a special exemption in CASL if the sender does not know or could not expect to know that the receiver was in Canada.

What are the main requirements of CASL?

The entire law is long (really long), but in a nut shell, these are the key requirements:

  • Permission must be obtained before sending email.
  • The permission must be able to be proved with clear consent.
  • No pre-checked boxes on forms. The consent must be an affirmative action. [<< Make sure you take note of this for any forms you use!]
  • No false or misleading subject lines or from names. The sender must be clearly defined.
  • Working unsubscribe mechanism. Any unsubscribe requests must be processed within 10 days and the unsubscribe link must be valid for 60 days after the send date.
  • You are not allowed to confirm unsubscribes by sending an “Are you sure you want to unsubscribe?” email.
  • Must include a valid postal mailing address (P.O boxes are fine) and one of the following: web address with contact form, email address or phone number.
  • If you are sending “on behalf of” another organization, both organizations must be identified.

It should also be noted that charity organizations are included in CASL if they are selling or soliciting anything.
If you’re an existing customer of Elite Email, then your email marketing activities are already abiding by a lot of these requirements.

What is Exempt from CASL?

There are a variety of things that are specifically excluded from the rules outlined in CASL. My theory is that this list will be expanded before things are finalized, but here are the main exemptions right now:

  • Email between family or people you have a personal relationship with (… phew, you won’t go to prison for emailing your aunt!)
  • Employees at one company emailing employees of another company, if the companies have a business relationship.
  • Responding to an inquiry that could be in the form of a question, complaint or solicitation.
  • Work-related emails sent between employees at the same company.
  • If someone requests more information from your company (could be for a quote, estimate, general information, membership inquiry, etc) then you can reply to them.
  • A charity can contact someone if they made a donation in the past 18 months.
  • Any legal message relating to a recall, copyright notice, or debt collection request.
  • One non-consent email can be sent for third party referrals provided that the person/organization making the referral has either a non-business or personal relationship with the recipient and sender. On top of that, the sender must clearly state who made the referral.
  • Transactional emails that do not contain any marketing language (<– We’re for sure going to see this further clarified.)

How Does CASL Define Consent?

The underlying key to CASL is consent, consent, consent. You just cannot do anything without consent.

CASL has mapped out four different circumstances that would qualify as consent.

  • Explicit Consent
    This is when the recipient gives you direct permission to email them. For example, if someone signs up for your mailing list using an online signup form that would qualify as explicit consent. But, remember, this type of consent cannot be obtained through opt-out, so make sure you don’t pre-check the “Yes, I want your mailings” box because that voids everything (… and then you do not pass go, do not collect $200, and you go straight to jail).
    You can also get oral or written consent, but this starts to get tricky because you have to be able to prove that consent was obtained. If you’re planning on getting consent using these methods, make sure you document everything very carefully so you can provide your case if it comes to that.
  • Implied Consent
    This type of consent takes the form of an existing business or non-business relationship between the sender and recipient. In the eyes of CASL, a “business relationship” is one where a customer has made a purchase from you or entered into a contract. A “non-business relationship” would be if someone does volunteer work for you or actually becomes part of your organization.
    One really important thing to note is the “2 Year Rule”. If someone purchased something from you in the past 2 years, then you can send them emails for 2 years from their purchase date under the implied consent criteria. However, during that time you must obtain explicit consent if you want to email them after the two years. Keep in mind that if this same person buys from you again during the two year period, the clock resets and you’ve got two more years before you need explicit consent.
  • Conspicuous Publication
    This is definitely an interesting part of the current draft of CASL. If you obtain someone’s email address and it meets these criteria, then you have qualified as having enough consent to email them. (1) Their email address is clearly published for viewing; (2) The address is not accompanied by a statement saying that they do not want to receive unsolicited messages; (3) the message is directly related to the person’s business or official role.
    Two important things to be aware of is that the clear publishing of the person’s email address must be done by the person directly or with the authorization of the person. So, a company website that lists an employee roster is legit, but some random website that posts a bunch of contact info is not OK. Also, the email you send must be highly related to the person’s job/role , which is very vague in the current draft. But, as an example, you can email a lawyer about a new law book, but you cannot email them about the cool new t-shirts you’re selling.
    The last thing on this topic is to keep in mind that PIPEDA prohibits the harvesting of addresses, so you cannot use a program to automatically capture this information from the web.
  • Shared Email Address with the Sender
    I call this the “business card” rule. If someone gives you their business card then you can email them stuff that is related to their job/role. Of course, they can also give you their email address in other ways, but the main thing is that they are willingly supplying you with their email address and not saying that they do not want to receive emails from you. Although, I can tell you that if someone hands you their business card and says “don’t email me” that probably isn’t a really good sales lead.

When Does It Take Effect?

Before we look at where we’re going, lets take a look back at where CASL has been:

  • May 25, 2010 :: Bill C-28 First Reading
  • Dec. 15, 2010 :: Royal Assent (Passed)
  • July 2011 :: Regulations Drafted
  • July 2011 :: Regulations “gazetted” for Review
  • Sept. 7, 2011 :: Draft Regulations Comment Deadline
  • Mar. 2012 :: CRTC Regulations Gazetted
  • Jan. 5, 2013 :: Industry Canada Draft Regulations Published for Comment
  • Mid 2013 :: Industry Canada Final Regulations
  • Mid 2014 (maybe?) :: CASL Takes Effect

So, the answer to when CASL will go live is still a topic of much debate. (Insert gasp here that the Canadian government moves slowly!)

CASL was recently delayed for a few reasons:

  • Still ironing out details as there are many unhappy parties (more on this later)
  • There is disagreement between Industry Canada and the CRTC about how the law should be regulated
  • There are expected mid-term cabinet changes and these shifts could skew priorities.

If you really want to make a note in your calendar, then current speculation is that the law will not be enforced until the Fall of 2014. This follows a one year grace period after everything is published this year. However, don’t be surprised if this gets delayed yet again.

On top of that, CASL will have a transition period once it comes into effect so that organizations have ample time to obtain the neccessary consent to ensure they are playing by these new rules.

What is the Penalty for Violating CASL?

Canada’s anti-spam law is not fooling around when it comes to the punishment for breaking the rules.

Penalties for violations can range from up to $1 million for individuals and $10 million for companies.

Three interesting things to note about the enforcement of this are:

  • Any person can bring this law against a sender up to $1 million. But, if they are found to be incorrect, they will be required to pay court/legal fees. So, it’s not like if you avoid sending emails to the RCMP you can avoid getting in trouble because anyone can make a claim under this new legislation.
  • If you can demonstrate that you made very strong efforts (due diligence) to comply with all the rules and done everything to obtain proper consent, then that will play a factor in the event a lawsuit comes up. It is for this reason that it’s super important you keep track of everything so you can cover yourself later with a stronger case if things get messy.
  • Officers of an organization can also be held accountable for the messages sent out by their organization. Bottom line, YOU are responsible if you do bad things.

What is the Difference Between CASL and the U.S. CAN-SPAM Act?

There’s a long list of differences between these two sets of regulations, but the major differences are:

  • CASL requires express consent to send commercial messages. Basically, the recipient must “opt in” as opposed to the CAN-SPAM Act that mandates “opt out”. So, under the US law, you can send someone a first email as long as they can request no further messages, whereas under the Canadian law even that first email has you breaking the rules.
    Note: Email marketing best practices already encourages the opt in procedure as opposed to opt out.
  • CASL requires specific disclosure when an organization requests consent. Senders must clearly state the reason they are requesting consent, clearly identify themselves, provide contact information, and explain that consent can be withdrawn later. None of this appears in the CAN-SPAM Act.
  • The coverage for CASL covers email, text messages, instant messages, directly pushed social media messages, and installation of computer programs. The CAN-SPAM Act covers email.

 What Should You Be Doing to Prepare for CASL?

The good news is that if you are a customer of Elite Email, then you are already doing most things to comply with CASL. Built right into our online email marketing software is a process that makes sure you’re covered on a lot of these items. But, there are still some things I want to highlight so you’ve got a good checklist of items on your radar that you can be aware of.

  • Consent, consent, consent… it’s all about consent! We want to have bulletproof iron-clad proof that we’ve obtained consent properly and legitimately.
    • Record all sign-ups from your website.
    • Capture and record the IP address when the signup is first initiated and later confirmed.
    • Document how your relationship with someone began. Did they purchase from you? Did they signup online for your newsletter?
    • If you’re getting oral or written consent, make sure it’s something you can later prove. (This could be a challenge, so online signups or something with a digital papertrail is better.)
  • Take a detailed look at your database and try to figure out who you need to re-confirm with proper provable consent.
    • Are there customers who purchased from you 2 years ago that you won’t be able to email if they don’t re-confirm?
    • Are there contacts where you’d have a hard time proving their consent?
    • Are there contacts who haven’t engaged with your emails (opened or clicked) in a long time? If so, try to re-engage them or take them off your list.
  • When someone signs up for your mailing list, send them a welcome email to verify their subscription.
    • This double opt-in or closed-loop subscription process is important not only to comply with CASL, but also to make sure that a sneaky individual didn’t come to your website and signup using their arch enemies email address…. because then you might get spam complaints as well.
  • Make sure your subject lines and sender names are correct, clear and consistent. (The three “C’s” if you will.)
  • Have a working unsubscribe link and valid contact details so someone can reach you if they want to.
    • This includes monitoring replies you receive from your email so if someone says “remove me”, then you can do it right away.
    • Sending your emails from a no-reply address is a BAD thing.
  • Make sure your postal address is in your emails.
  • Take a look at your privacy policy as it relates to data collection to ensure it’s up-to-date and aligned with all the new CASL rules.

Remember that CASL is still evolving and being refined. No one knows yet exactly what the final set of rules will look like. So, while the above steps will keep your best foot forward, make sure you keep an ear to the ground so that if something does change you are not caught off-guard. Rest assured, the compliance team at Elite Email is also all over this!

What Are Some of The Criticisms of CASL?

There’s been a lot of backlash since CASL was originally proposed. For instance, there was a two month consultation period (ending on Sept. 7, 2011) where 55 different organizations raised their concerns to Industry Canada. As a result of that, a revised regulation was published on Jan. 5, 2013, but the criticisms certainly have not stopped.

I don’t want to go too much into this, however if you want to read more, Marketing Magazine has a good article titled “The Hidden Costs of Canada’s Anti-Spam Law“.

The one over arching theme from everyone who is complaining about this is not that they are against stopping spam. Everyone is on-board with stopping spam as no one needs more junk mail. The criticism is that this new law will do nothing to actually stop spam. It enforces a new, broad and strict set of rules on organizations that are already trying to do things properly, while really doing nothing to stop the worst offenders who are sending spam from a far off land. So, CASL is giving us more red tape and hoops to jump through, but what is it actually doing to benefit Canadian citizens?

On top of that, many in the small business community are outraged because to some it feels like these new laws put up serious barriers to using email effectively because they cannot afford to invest resources to wade through all the red tape. There has been a shift from sending paper flyers through Canada Post to email because it’s more effective, more measurable, more affordable, and definitely more environmentally conscious (to the joy of trees everywhere!). But, if the Canadian Government wants to clamp down on what can be sent through email, will it result in more junk filling up your physical mailbox?

Personally I think there are some good parts of CASL. In certain spots of the legislation you can really see the positive intent of what they are trying to accomplish. But, it’s gotten so bloated with this scenario and that scenario, that I fear the true intent is getting lost and in realty it may only result in punishing the people who were doing everything 99% correctly anyway.

You can get more information direct from the Canadian government at http://fightspam.gc.ca.

CASL - Canada's Anti-Spam Legislation

 

This blog post is intended to provide our general comments on the new law. It is not intended to be a comprehensive review nor is it intended to provide legal advice. Readers should not act on information in the publication without first seeking specific advice from their lawyer. In short, I am not a lawyer, nor do I pretend to be a lawyer.

 

The prevailing ideology in the world of email has historically been that spam is the biggest threat to email productivity.

A recent 2012 study titled “The Economics of Spam” by Justin M. Rao (Microsoft Research) and David H. Reiley (Google Inc.) estimates that American firms and consumers experience costs of almost $20 billion annually due to spam. Other studies have estimated the costs even higher closer to the $50 billion mark.

One of the big factors that goes into the cost of spam is lost productivity. If an employee spends 20 minutes a day weeding out spam from their inbox, and assuming an average hourly rate of $23.82 (Bureau of Labor Statistics, Feb. 2013), the daily cost is $7.86. With 52 work weeks, this results in $2,043.60 per year.

However, with advances in spam filtering technology, that number is expected to drop rapidly and a new enemy to email productivity has emerged.

The new biggest problem: Long Emails

We live in a society of 140 character tweets, 30 second video clips, quick SMS text messages, and fast status updates. Yet despite the global move towards brevity, emails can still be very long. This is the new economic challenge.

Using the same calculations as before, we can see the direct effects this plague of long emails has in terms of productivity and dollars. A poll by Elite Email reveals that the average employee reports spending 90 minutes per day reading through long emails. This works out to a daily cost of $28.58 and a huge annual cost of $7,430.80. This clearly highlights that long emails pose a far greater threat than spam.

The top ISPs of the world are jumping on this problem right away before it spirals out of control.

Google (gmail), Yahoo, Microsoft (outlook/hotmail) and AOL have come together to form a new task force named U.S.A.P. (Unified Short Attention Span).

These big four mail providers are not wasting any time and have already proposed new limits coming into effect on January 1, 2014.

Starting in 2014, all emails will be limited to 500 words. Any words over that limit will not be displayed.

The U.S.A.P. organization said, in its official statement:

In today’s economic climate we can no longer afford to play a part in decimating the productivity of the average employee and forcing businesses to incur this unfair cost brought about by long emails. We are going to reign in this problem now and impose harsh limits to get things back on track. We believe these new limits will be welcomed by email users globally and celebrated by business owners who can capitalize on big productivity savings.

As of January 1, 2014, anyone composing a new email will see an alert when they exceed the 500 word email limit.

Gmail: 500 Word Email Limit

Screenshot from Gmail enforcing new 500 word limit.

The new restrictions have received a lot of support from the internet community. While many recognize the limit as harsh, the global consensus is that desperate times call for desperate measures and this is precisely what we need.

Is your organization going to be ready to work within the new 500 word limit?

Many consultants have started running seminars at larger organizations in an effort to treat the condition known as “digital verbal diarrhea”, which is the key driver behind long-winded emails.

One consultant we interviewed said:

Digital verbal diarrhea is a serious issue. But, the first step is admitting you have the problem. Once you’ve come to terms with that, we can begin to treat the issue at its core. The ultimate goal is to have you writing short emails and never relapse into the never-ending scrolling emails that plague so many people right now.

At Elite Email, we firmly believe that these new restrictions will usher in a new era of responsible emailing that will boost productivity in one big swoop. We fully support the initiative by U.S.A.P. as a big step forward in global digital communication.

Furthermore… Happy April Fools’ Day! :)

 

Cue the fight music…

In this corner, we have Spamhaus, a nonprofit filtering service founded in 1998 that seeks to identify spam senders and spam service. They play a role in more than 1.7 billion email accounts worldwide as network operators use their data to determine the good from the bad (with the best of intentions, of course). They champion themselves as working to protect internet networks worldwide by providing real-time data.

In the other corner, we have CyberBunker, a Dutch web hosting company that claims it will host “services to any Web site ‘except child porn and anything related to terrorism”. It is known for allegedly hosting spammers. The company derives it’s name from the location of their office, which is a former military nuclear warfare bunker in the south of the Netherlands that became a data center in 1998.

The back story to the steamy drama…

Spamhaus blocked CyberBunker so that they could no longer deliver any emails. And, as a result, CyberBunker is really (…how can I put this politely…) really really angry about it. Their claim is that Spamhaus can point to a website and demand it be shut down without any court order or care to freedom of speach and net neutrality.

Spamhaus is a major censorship organization only pretending to fight spam, said a CyberBunker spokeman.

The fight is not limited to just CyberBunker alone as Spamhaus has no shortage of enemies in many parts of the world. In an interview, Sven Olaf Kamphuis a spokeman for Cyberbunker said they were not directly behind the attack. The claim is that it was members of a different organization and owners of various websites who  got together on a Skype chat and hatched plans for this big attack.

The implications…

Normally the world would not care enough about a DDoS attack, but this is no ordinary attack. Let’s assume email is at the center of the internet universe. Spamhaus acts as a big filter for all that email, just like pouring water through a strainer. Now imagine that strainer gets clogged to the point where a lot less water can go through. The same cup of water you could pour through in an instant, now takes a lot longer. That, in the most non-technical explanation (…tech details below) is what is happening to the global email ecosystem. It’s just going a little bit slower. It’s not something you would have noticed, but it was a second here and a second there… adding up across millions and billions of emails. In some sense, you could imply that this slowed down the world economy even if ever so slightly. What makes this especially noteworthy, is that experts agree that this is just the beginning.

If this is just the beginning of these types of “domain name service reflection” attacks, then the impact could be felt even more depending on who the next target is. While Spamhaus was able to mitigate the attack fairly well and has a truly remarkable network with over 80 servers around the world, this same blow could have literally knocked a government offline.

The technical details…

The hackers used Spamhaus’s DNS (domain name system) servers exploiting a known vulnerability with DNS. The attack began on March 18, 2013 and normal operations were restored by March 22, 2013. (For those curious about DNS servers….these are the workhorses that translate the pretty domain name you type into your browser into a machine-readable IP address that loads a website.)

This DDoS (distributed denial of service) attack was unbelievably large at a record setting 300 gigabits per second. To put this in perspective, an “average large scale attack” would be about 50 gigabits per second and the largest publicly reported attack was 100 gigabits per second.

The night in shining armor…

If you have ever wondered what a PR home run is…. it is this. CloudFlare was hired to help mitigate the attack and considering the size, they did a fantastic job that certainly catapults them to a whole new level in the DDoS arena.
The technical details of how they did it are pretty intense, but if you want all the nitty-gritty info, you can read their blog post here.

Spamhaus refutes the claims by CyberBunker saying,

We have 1.7 billion people looking over our shoulders to make sure we do our job right. If we start blocking things they want, they won’t use our data any more.

Why is this going to get worse…

Yuliya Krivosheina, the corporate communications manager at internet security giant Kaspersky, said,

In general, attacks of this type are growing in terms of quantity as well as scale. Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks.

What do I think…

As a permission-based email marketing company, Elite Email, has been championing the fight against spam for over 10 years. In short, spam is bad. Period.

Sending people stuff they don’t want and didn’t ask for is wrong and failing to respond to requests to stop emailing is completely unethical.

Email is a powerful tool, but with great power comes great responsibility and those that use email for wrong should be stopped. I believe that Spamhaus has a noble mission and does truly intend to be fair in it’s judgments. I have dealt with them in the past and have found them to be very responsive with the ultimate goal of helping keep people’s inboxes safe, which is something we all want. After all, if they can keep spam out of people’s inboxes, then it just paves the way to more successful proper and permission-based uses of email!

That being said, I do support free speech and think there is a grave danger (and history has taught us) in potentially blacklisting the wrong people or organizations. As such, I think an organization that wields so much power, whether it is Spamhaus in the email world, Google in the search world, or any number of other companies that dominant an industry, do have a certain responsibility to double-check their actions and ensure fair treatment to all.

I am not in any way implying that CyberBunker should not have been blocked. I haven’t seen the data and without evidence I just cannot make a fair decision. If they broke the rules and continued to break the rules, then they deserve it. If they did not break the rules (although most signs point to the contrary) then they should not be victimized. For me the key is fairness and due process on an international cyber scale.

Photos from spamhaus.org and cyberbunker.com

Photo/Image Credit: spamhaus.org & cyberbunker.com

Watch the video interview with CyberBunker spokesman here: http://rt.com/news/spamhaus-threat-cyberbunker-ddos-attack-956/

 

The government of Canada has released a new infographic that outlines 5 things to look for to raise some serious red flags that a message is spam.

While most people will probably find these things obvious, I do think it acts as a quick reinforcement of what should get your spidey sense tingling.

The infographic is all part of Canada’s imitative to crack down on spam (which is a good thing for legitimate email marketers and all email users) as the country prepares to roll out it’s new Anti-Spam legislation. The infographic really applies to everyone, not just those within Canada, since the traits of spam are almost universal.

Worried It's Spam: 5 Things To Look For

Worried It’s Spam: 5 Things To Look For

 

The 2012 London Olympic games are finally upon us and excitement is in the air.

But, along with all the energy, excitement and anticipation for the athletes (…and me watching!) is a hefty amount of email scams.

After all, spammers love a good opportunity to steal from people and with “Olympics” on everyone’s mind, these less-than-credible folks have all sorts of sneaky ways to come at you.

The purpose of this blog post is to make sure you are aware of what is happening so that you are on high alert and don’t end up forking over your bank account information to someone who promises you an authentic gold medal!

The problem is so prevalent that the organizers of the games posted on their website the most common scams to watch out for. These include:

  • Emails/letters informing the recipient they have won an ‘Olympic lottery’ that they haven’t entered.
  • Emails/letters to manufacturing companies, asking them to pay large fees in order to provide items for the Games.
  • Emails/letters informing the recipient that they can apply for a job being involved with the Games for a fee.

As always, try to use good judgement. If you did not enter an Olympic lottery, you probably didn’t win the Olympic lottery!

If you receive an email that seems like it could be one of these scams, do not click any links and do not download the images from that email.

Of course, there are many legitimate emails being sent that talk about the Olympics. So, don’t ignore anything with “Olympics” in it, but do be cautious if you receive an email from someone you’ve never heard from before.

The Olympic organizers compiled a PDF of known scams, which you can download here: Summer Olympics 2012 Scams

Enjoy the games!

 

We all know that over the years politicians have developed a less than stellar reputation. But, in the back of my mind, even through all the scandals, mud slinging and broken promises, I’d like to believe that deep down inside the key political figures of our time can still in some sense lead by example. As it turns out, especially from the perspective of an email marketing guy, that is not true.

Elite Email has learned that defeated Presidential Candidate New Gingrich is actually selling the email database of his donors in an effort to dig his campaign out of the $4 million debt.

Personally, I am disgusted by this because I cannot believe someone who was vying for the Presidency of the United States could so easily turn their back on supporters. I mean, if Newt Gingrich could not follow the privacy policy on his website (see below), how could he possibly have been in charge of foreign policy for America?!

The privacy policy on his campaign website says:

“We are committed to protecting your privacy online.”

Clearly they are not trying very hard! The campaign is selling the donor database (complete with email address and other personal details) through a brokerage firm named TMA Direct. What this means is that anyone who donated to the Newt 2012 campaign is going to have their information exposed and will likely start receiving a lot more spam. Moreover, this spam will be of the worst kind because the database isn’t just your email address, it’s your other personal details, too.

To make matters worse, the Gingrich campaign is also doing “email appending”. What this means is that if you donated to the campaign, but did NOT give your email address, they can still use all your other personal information to get your email address. Once they have that, they bundle it all together and sell your complete record.

This is covered by this part of the campaign’s privacy policy:

“We may obtain information about you from outside sources and add it to or combine it with the information we collect”

This is really a bad practice that all email markers frown upon because it means that even though you didn’t give your email address to the campaign and definitely did not provide consent to receive emails, they can still email you…. and now they are selling your data!

You can read our full press release here: http://www.prweb.com/releases/email-marketing/newt-gingrich/prweb9512721.htm

One of the first things we teach anyone who is working at Elite Email is about permission mailing lists, opt-in, and consent. We ensure that everyone here understands what “email marketing best practices” are, what the “spam laws” are, and how we can ensure the integrity of our network by only sending legitimate email marketing campaigns so they can teach & coach our customers. It is terrible to see a political candidate completely balk at all of this and do something so blatantly against the rules.

I understand that political campaigns are expensive, and I understand that the Gingrich campaign being in debt is not good news for then… but sacrificing the privacy of your donors as a remedy to me is way way over the line.

As one last little tidbit of interesting information…. the price that is being charged for your data is actually higher if you were a “big donor” and lower if you were a “small donor”.

© 2013 Elite Email Inc. Email Marketing by Elite Email | Blog Admin