Saturday, January 28, 2017

PopUp/PopUnder is the WORST advertising strategy (+FACTS!)

Marketing is one of the key elements for a successful campaign / product launch and even sales.
You have your product ready to be sold, and you need to get people exposed to it, so some of them will be interested enough to buy it.

While I myself represent the E-mail marketing world, over the years I have had my experience with display ads (Banners), but recently I wanted to put the PopUp/PopUnder marketing strategy to a test.

I have read a few blog posts not long ago that suggested that popups have a 2% CTR, and having a blind trust in this data, One of our clients who has a viral website, put out a popup/popunder campaign to test the effectiveness of this marketing method.

The results were quite disappointing - out of 1600 popups that were shown, only 3 people clicked on his landing page.  3 clicks out of 1600 popups impressions = 0.1% CTR !!

We must put some other fact here - the landing page that he displayed on the popup was exactly the same design that was sent in his E-mail campaigns.  And in his e-mail campaigns this same design brought up to 7% CTR , which is 70 times more clicks.

So we wanted to put the popup/popunder to a more accurate test, to better reflect the performance of popups/popunders.

This is what we did:

1. We created a landing page based on the same design he uses in his email campaign.
2. We have put 4 signals to measure the popup performance:

  • First signal is fired when the landing page is first called by the popup ad network
  • Second signal is fired after 2 seconds once the page was initially requested
  • Third signal is fired when the page is physically viewed by the client (using the Visibility API of modern browsers)
  • Fourth signal is fired when a user clicks on, one of the links in the landing page
3. We also installed a user-recording analytical tool (similar to ClickTale) to see what the user has physically done on the page in case he interacted with it.


The results:

We gave this landing page a few hours to run, collecting well over 500 popup/popunders that were called.  The result:

  • All of the popups only fired the first signal (initial page request)
  • 45% of the popups fired the second signal (JS event after 2 seconds since the page loaded)
  • 3.4% of the popups fired the third signal (indicated the page was physically viewed)
  • 0% of the popups fired the fourth signal (click on one of the links)

So, from this test we can conclude that before we want to calculate what is the CTR rate of the popup, first we need to get the visitor to actually SEE the landing page.  This is true in any form of marketing - you can only make conclusions based on real, physical views of your advertisement.

And as we can see from this data, the results are far from being in our favor - only 3.4% of the people that have a popup or popunder showed to them come to the part where they realy see what's inside.

We can assume, then, that a little more than 96% of the people that are exposed to a popup/popunder NEVER SEE THEM.  They just either close them immediately, or they close the popup window without even opening it (This is, of course, possible just like you can close any window in your desktop without having to open it - A simple right-click on the window, and an option to close it is available).

So, if around 96.6% of popups aren't even viewed.. consider the following: 100,000 popups generated, 96.6% of them aren't even seen.   That means that out of 100,000 popups, only 3400 people will actually see your ad.

One more thing to consider as a disadvantage to popup/popunders marketing, is the obvious pattern interrupt and context-switching that this form of marketing presents - the visitor is apparently having his attention somewhere else, where suddenly an intrusive attempt to sell something to him pops infront of his face.   And people's natural response to a pattern interrupt, is to simply ignore it and go back to do what they were doing before.   Another aspect which makes popups a realy bad marketing strategy, even more so than banner ads.

I hope this information was useful to anyone who wishes to consider popup advertising.

I won't completely ditch popup advertising because there are some advantages to it as well (for instance, the relatively low cost), but I thought it would be neccessary to have this information out there for people to consider this marketing strategy for themselves.






Friday, January 6, 2017

Razor2 "blacklist" .. apparently that's what it is

In my last post about how spam filters realy work, I talked about the use of distributed "black lists" that are use to collaborate on blocking sender's IPs , domains, or content based on some "shared" knowledge.

Most of the "known" blacklists, i.e: services that actually pretty straightforward say that they are blacklisting services, are usually being fed from automated honeypots (aka "spamtraps") to collect their data.

The reason why automated honeypots are used, is because of the huge amount of spam email that is sent each day.  I mean think about it.  there are several billions of emails sent each day, and according to the last statistics by Cisco's SenderBase online email monitoring service, about 85% of email sent is "spam".

That is an amount that is way too much for humans to read and interpret each message, so automated honeypot for "flagging" a sender in a blacklist, and on the other hand giving the senders option to request a removal from the blacklist in case of a false positive exists as well.

And then here comes the Razor2 engine that is used by SpamAssassin, and apparently by a big majority of email filtering platforms.

If you don't know what Razor2 is, let me refer you to some email headers generated by SpamAssassin that will give you a clue what I'm talking about.  If you've seen any of the following:


RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) 

RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level above 50%
                          [cf: 100] 

RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 



Then congratulations - You are listed in Razor2's database.. erm.. sorry.. blacklist.

It's funny that Razor2's creators insist that it is not a blacklist.. but a "distributed hash sharing system".
So.. here are some interesting facts to know about Razor2 :


Fact #1 - Razor2 is now owned by CloudMark security

You're probably familiar with CloudMark's IP reputation check tool.  They are huge player in the field of email security / threat protection and of course.. spam filtering.

And it turns out, that they decided to purchase Razor2, and not only that.. but they also host Razor2's main query requesting domain:


Name: discovery.razor.cloudmark.com
Address: 208.83.139.205
Name: discovery.razor.cloudmark.com
Address: 208.83.137.118
Name: discovery.razor.cloudmark.com
Address: 208.83.137.117



Fact #2 - Razor2 is a blacklist

A sender's blacklist, is by its definition - any distributed list of blocked IPs and or sending domains that are used to send spam.. that's exactly what Razor2 is.


Fact #3 - Razor2 do not offer a removal tool

Actually in this aspect, I can understand.  Razor2 tends to be a reputation based system, which means that records are "cleaned" once the offending (spam) traffic has ceased to be sent.  Gmail and many other known email providers seem to work that way as well.



One Unknown fact about Razor2

There's though one aspect of the Razor2 list that remains a mystery, and that is - who feeds this list?

Razor2 have created an Outlook plugin for reporting email to them, apparently it seems to be fed from real humans who get spam messages and then they use this "report" plugin to send the reported has to the Razor2 database.

On the other hand.. a question arises.. how many reports should be sent to them in order to decide that a sender should be blocked?  1 report?   2 report?   10 reports?

And the other question is.. who can guarantee that there's no person who just installed a honeypot with a Razor2 report plugin that just reports any message that arrives to it automatically as it arrives?

Indeed interesting questions that I hope that someone from Razor2 could one day provide the answers to them.