Yahoo Mail Hacking Reveals Do-Not-Reply Failures
Much has been written about all the Yahoo Mail accounts that have been hacked in recent months. One of my tracking accounts was among those hacked and hijacked into sending a spam email to each of the contacts in my address book—which was full of sender addresses used by retailers to send promotional email.
The resulting stream of “Failure Notice” messages made for a poignant commentary on the practice of using do-not-reply email addresses and mailboxes that don’t accept email. Even the “Thank you for contacting us” replies were mostly just messages saying that you reached an unmonitored inbox and instructing you to contact them by other means. Only a handful of brands including Alloy, Banana Republic, Crutchfield and Drugstore.com confirmed receipt of the message and said they’d reply (which none of them did considering it was obviously spam).
In the past, opponents of do-not-reply addresses have argued that they’re subscriber-unfriendly, that they send the message that it’s okay for the marketer to email the subscriber but not vice versa. Making it impossible to easily reply to messages eliminates interactions that might otherwise occur, which is a detriment to the marketer and their brand. Those points continue to be true.
However, over the past year or two, a new reason has emerged to ditch the do-not-reply address and start monitoring the replies to your promotional messages: deliverability. ISPs now factor in engagement metrics when determining whether to deliver, junk or block your emails. So if your subscribers open, scroll through, click, mark as important, forward, reply to or otherwise interact with your emails, then your future emails are more likely to be welcome.
While monitoring promotional email sender address accounts can be a chore because of all the spam and out-of-office auto-replies they get, more tools are now available to separate the signal from the noise.
So if you’re still using a do-not-reply address, you now have one less reason to keep using it and one more reason to make the switch.
This incident has me curious as to how those other retailers handled it – those without the do-not-reply addresses – who must have seen the spam, and yet still responded to it. Did they politely inform you that you appeared to have been hacked? If so, how informative were they regarding the history? Did they offer any advice against future hackers? Or, though I can’t imagine this a likely possibility, did they attempt to treat the spam as a genuine customer interaction?
Emily, great questions. I went back and looked at all the emails and updated the post (see second paragraph). Essentially none of them responded in any way to it.