How do link scanners affect click metrics?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

Security systems in corporate email environments scan links before (and sometimes after) delivery to check for phishing and malware. This is standard behavior for email gateways from providers like Proofpoint, Mimecast, and Microsoft Defender. The scanning works by literally clicking the links.

When a gateway clicks your tracking URL, your ESP records a click event. From the analytics system's perspective, it looks identical to a human clicking. You get a click in your report, but no human made it.

The impact varies by audience. For B2B lists where most subscribers are in corporate environments with email security gateways, bot clicks can be a significant portion of your total click count. Some senders see 30-50% of their reported clicks from security scanners. Consumer-facing lists are less affected since fewer personal email accounts run enterprise security gateways.

How to spot it: look for clicks with extremely fast timing (within seconds of delivery, before any human could have received and opened the email), or clusters of clicks from the same IP. Most ESPs have bot-click filtering options, or you can set up click honeypots (links that a human would never click but a scanner would) to identify scanner activity.

This affects your CTOR calculations too, since inflated click counts push the numerator up artificially. Extreme cases can result in clicks exceeding delivered message counts entirely, which is almost always a scanner artifact.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Help me identify and filter bot clicks

I send B2B emails to {list_size} subscribers at companies using corporate email. My click rate is {ctr}% but I suspect a significant portion are bot clicks from security scanners. My top-clicked links are {examples}. Can you help me estimate what fraction of my clicks are likely scanner-generated and suggest how I can filter them in {esp_name} or detect them through click timing analysis?

Edit the yellow boxes, then send to the AI of your choice.