We seem to be under some form of spam attack this month where we are seeing more sign ups than we have website visitors.
The source seems to be shopify (we do not have a banner or a pop-up..in fact the subscription method is hidden away to an extent but still you can see a massive spike in December:
How can I stop this or at least manage it?
Best answer by stephen.trumble
View original
+60
Hey
Thanks for asking the Community for help with this.
I have one main follow-up question, is the list collecting these subscribers set to double opt-in? This is the easiest way to weed out the bots as this requires the extra step to confirm their subscription. When you look at the actually subscriber profiles, it should show you exactly what form they used to signup, either Klaviyo, Shopify or a third party signup form. Locating which form it is can help you decided to disable it or verify that it has double opt in turned on.
If this is coming from the Shopify signup forms, I would dive deeper in your Shopify Account for these additional settings.
Thanks for your reply Stephen!
Double-opt in is deliberately switched off….we may just switch it on while this settles down, for now i’ve disabled the automatic flow.
I guess my question is, why and how is this attack happening?
+60
Hey
So these profiles are likely being added because they are targeting your stores checkout. Every time a checkout started event happens Shopify sends Klaviyo the profile regardless of signup (making double opt-in irrelevant). Check out this Shopify article on how to protect your store from bots.
Thanks Stephen. That can’t be possible as our ‘checkouts’ or ‘add-to-carts’ during the same period are a small fraction of the amount of sign ups that took place.
December to date we have had 92 add to cart of which 75 reached checkout and a total of 1800 site visits - yet we had 1332 sign ups to the newsletter!
I believe it could be some form of spam software being used by someone somewhere!
Hi, I'm having the same problem, every 3-4 minutes a new profile appears with no information!
I don't know where they're registering from as nothing is marked in their file. Do you have a solution?
What segment can I create to group them all together so that I don't have to send them an email?
Thank you
Hey, i have the same issue. not sure why that’s happening, but i got like 5000 new subscribers and around 200 website visitors in total in the same timeframe lol.
+25
Hey
This is a super common problem we talk about a lot here in the community. Check out these solutions to previous questions on this topic:
I’m looking for any advice on how to easily remove thousands of fake spam accounts from my List. Removing these 1-by-1 via the Klaviyo UI is difficult as there are 1000s.
They are easy to spot so far, with Profile Names like “mrettLmEEs rY9SVZAnKp”, “qHcIDvct qHcIDvct”, etc.
I’ve had this issue as well, starting in approximately Feb 2024, we saw a spike in sign-ups do to some type of spam attack, our list grew from 800 to over 3000. Now we have a higher bill from Klaviyo due to all of the fake accounts.
I’ve managed to make some changes on the shopify forms side which seems to have stopped the large inflow.
It would be nice if Klaviyo could offer a tool that automatically flags profiles as potential spam/fake, and then allows removing them en-masse. Removing 1-by-1 via the UI is difficult and time consuming, and I’m facing a higher bill every month due to the fake accounts.
+25
Hey
However, as far as your billing concern goes, if your list is set to double opt-in the bot profiles will never become active profiles because they can’t confirm their subscription. That will help keep your bill down!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
