If it looks like a phish…

Recently I moderated a panel comprising the postmasters of some of the world’s largest email receivers, including Google, Microsoft, Oath (AOL, Verizon, Yahoo!) and Comcast.

I moderate this panel several times a year and it is always a very informative and interactive session. I have never walked away from one where I did not learn something new or useful. October’s panel was no different; in fact, what I learned was very interesting and I thought I would share it here.

The panel

Among the collection of “usual suspect” questions I presented to the panelists, there were several new ones. A question came up about using a shared domain among several different senders and how to deal with that to avoid classification pitfalls. Although there was a lot of interesting information discussed around this topic, the conversation branched off into talking about phishing, “look-alike” domains and machine learning. Yes, you read that right – phishing, “look-alike” domains and machine learning!

Let me explain. While answering the question, one of the receivers brought up the use of what they referred to “look-alike” domains. When orchestrating phishing attacks, bad actors sometimes register domain names like those of the targeted organizations, in the hopes of exploiting victims’ typos or inattention. These domains are known as “look-alike” domains, as they appear to be the intended target domain (or some official variation thereof), but are in fact not usually affiliated with the target itself.

The receivers went on to say they are in the process of tuning their machine learning algorithms used for email classification to detect and treat these domains as phishing suspects. The panelists all generally agreed that if a brand is sending bulk email, it should be utilizing a subdomain of its pre-existing domain, and not a domain which looks similar and/or contains an iteration of the already-established brand domain. For example, if you are brandname.com and you send your marketing emails using the domain email-brandname.com, you should instead be sending using the domain email.brandname.com. They agreed that established brands should not risk registering a new domain, which looks similar to its already-existing domain, as the machine learning would eventually detect this and begin to classify the email as suspect.

Some of the receivers went on to add they like to see transactional.domainname.com and marketing.domainname.com in the domains used for mail. This means using the actual words transactional and marketing (or some form of marketing) in the subdomain name. The key with this is “transactional”, as many of the receivers stated when they detect this in a subdomain name, they treat it accordingly unless they see behaviour or characteristics which indicate it should be classified as suspect. Remember, simply putting the word transactional as your subdomain name is not a guarantee of inbox placement! You still have to play by the rules.

Having been in the information technology and marketing space for quite some time now, I know that the practice of using a custom domain for sending of bulk marketing email is quite common. I know of many brands that employ this practice and use such domains for their email marketing programs. For those of you who are using a custom domain and not a subdomain, you may never experience any issues. If you are just starting out, or switching to a new email marketing platform, keep the above information in mind and think about the use of a subdomain or multiple subdomains instead of a new custom domain, which may cause you eventual problems.

Either way, the dotmailer Deliverability Team is here to answer any questions you may have.

dotMailer.com logo

Download Our Logos

Grab a Zip packed with our logos in PNG and EPS formats.

Download logos

This site uses cookies to improve your user experience. By using this site you agree to these cookies being set. To find out more see our cookies policy.