The open rate and click rate for an email show you how engaged your contacts are with your content. However, if you're seeing an inflated click rate compared to similar emails, or notice that a contact has clicked on multiple links at the same time, this may be due to security programs at a recipient’s company inspecting the links in your email to determine if they’re directing to fraudulent or phishing websites.
A significant number of your campaign recipients open emails on devices or networks safeguarded by security filters. To protect their customers, these security filters will often (but not always) fully inspect a message by downloading all the images and/or following all the links contained within the body before the message is even placed in front of the recipient’s eyes. These types of inspections will often cause an open and/or a click to be recorded. Depending on the security system, these actions may happen immediately, or at a point later in time. These are known as bot opens/clicks or non-human interactions. Email providers and security vendors do this to protect their users from engaging in bad links or content that contain malware or redirect to phishing sites.
Bot opens and clicks traditionally occur immediately after an email is sent. This, however, may not always be the case. We have also seen them happen as a spike several hours after the send. This can sometimes mean that the security filter noticed something later that caused them to be suspicious of the message. If you notice a higher than-average level of engagement on one of your campaigns, there’s a good chance these are bot opens and clicks.
To make sure your email reporting is as accurate as possible, we attempt to prevent these “false opens/clicks” from being recorded in your engagement data. We’ve developed a list of known non-human user agents (security programs and bots), and when one of these agents scans a link in your email, we don’t record the open or click. We make a best-guess effort, but due to the nature of the activity, it’s impossible to say we catch 100% of these. We’re continuing to improve and update this list of known non-human user agents, and we’re actively investigating other ways to determine which clicks are real or from a security program. This work is ongoing as security vendors are constantly changing their tactics so they can catch the elusive scammers and phishers.
![]() | Did you know? Bot click filtering is currently in a beta test and not yet available to all customers. While in the beta test, bot click filtering is disabled by default and must be enabled through your account settings. |
Bot click filtering improves the accuracy of your email reporting and performance metrics by removing link clicks likely made by security programs, not real people. This stops contacts from being added to segments or automation based on non-human activity, and gives you a truer view of your email engagement. Bot click filtering does not cover link clicks within SMS messages.
![]() | Important: Bot click filtering only applies to click traffic from the point it is enabled or disabled, which can result in email campaigns that include a portion of engagement data impacted by bot clicks. Enabling bot click filtering does not remove bot clicks from your past reporting and disabling bot click filtering does not add bot clicks back into your past reporting. |
When enabled, bot click removal data is included on the Reporting tab of the Email Details page for each email you send. Your click rate is calculated based on the number of clicks and ignores bot clicks. Clicking the hyperlinked number shows you the list of contacts that triggered the bot click filtering.
Copyright © 2025 · All Rights Reserved · Constant Contact · Privacy Center