If you've been running cold email campaigns for any amount of time, you've probably heard that certain cold email spam trigger words will get your messages flagged. And that's true — to a point. But the conversation usually stops there, which gives people the wrong mental model. They rewrite their email, strip out the word "free," and assume the problem is solved. Then they wonder why they're still landing in spam.
Here's the thing: spam trigger words matter. They're real, they move the needle, and I'll give you a complete list organized by category. But if you walk away from this thinking copy is the main variable in cold email deliverability, you're going to keep fighting the wrong battle. Infrastructure is where the game is actually won or lost. We'll get to that. First, let's talk about what these words actually do and why filters care about them.
Why Cold Email Spam Trigger Words Still Matter in 2026
Spam filters have gotten a lot smarter, but the fundamentals haven't changed as much as people think. Words and phrases that pattern-match to promotional or scammy intent still carry weight in the scoring models. The difference is that modern filters don't just keyword-match — they're looking at the whole picture. Sending reputation, domain age, authentication records, engagement signals, and yes, the content of your message.
What we actually see across the campaigns we run at Beanstalk is this: clean infrastructure plus decent copy gets through. Bad copy on clean infrastructure usually still gets through. Good copy on burned infrastructure doesn't. That tells you where the leverage is. But "usually gets through" is not the same as "always gets through," and certain trigger words will absolutely add points to your spam score regardless of how clean your setup is. So you want to avoid them.
The practical risk isn't just the spam filter itself. It's that flagged emails drive spam complaints, and spam complaints above 0.1% with Google start affecting your deliverability across all your sending. Above 0.3% and you're in real trouble. So the words matter — just not as the first thing you fix.
How Spam Filters Actually Work in 2026
The mental model of "spam filter = list of banned words" is about 15 years out of date. Modern filters — Gmail, Microsoft Defender, Proofpoint, Barracuda — are machine learning systems trained on billions of classified messages. They're looking at probabilistic signals, not a checklist.
What that means practically: a single trigger word in an otherwise clean email from a healthy sending domain probably won't kill you. The same word in an email with a suspicious sending history, no proper authentication, and a list full of invalid addresses? That email is not getting delivered. The signals compound.
Here's what modern spam filters are actually evaluating:
- Sending reputation — domain and IP history, complaint rate, bounce rate
- Authentication — SPF, DKIM, DMARC records properly configured
- Engagement signals — are people opening and replying, or marking as spam
- Content patterns — not just words, but structure, link patterns, image-to-text ratios
- List quality — bounce rate above 2% is a real problem; invalid addresses signal a scraped list
- Volume patterns — sudden spikes from a new domain look exactly like what they are
The Gmail Gemini filtering narrative is also worth addressing directly. A lot of people are worried about AI-powered filtering targeting cold outreach specifically. For Google Workspace users — which is what you should be using for cold email — Postmaster Tools spam complaint rate is still the primary signal Google uses to route your mail. Gemini-style content filtering is more relevant for consumer Gmail. Keep your complaint rate under 0.1% and your infrastructure clean, and that's the actual play for Google deliverability.
The Categories of Cold Email Spam Trigger Words
Spam trigger words generally fall into four buckets. Knowing the categories helps you pattern-match when you're writing, not just avoid a static list.
Financial and "Get Rich Quick" Words
These are the highest-risk words in cold email. Filters are trained on decades of financial spam, and anything that pattern-matches to "I will give you money" is heavily weighted. This includes words that seem innocuous in other contexts — "free" is a classic example. Free is fine on your website. Free in a cold email subject line adds real points to your spam score.
Urgency and Pressure Words
Hard-deadline language triggers filters because it's a signature of phishing and scam emails. Phrases like "act now," "expires today," or "respond immediately" look exactly the same to a filter whether you're a legitimate business or running a lottery scam. The filter doesn't know the difference. Avoid the pattern.
Promotional and Marketing Words
This category catches a lot of people who think they're writing good copy. "Click here," "buy now," "special offer," "order now" — these read as promotional broadcast email, not one-to-one outreach. Cold email that sounds like a marketing blast gets treated like one. Write like a person, not a campaign.
Vague, Sensational, or Self-Defeating Phrases
The classic here is "this isn't spam" — which is about as clear a spam signal as you can send. Same goes for "you've been selected," "congratulations," "guaranteed results," or anything that sounds like it came from a 2003 chain email. Sensational superlatives also fall here: "revolutionary," "incredible opportunity," "life-changing." These phrases don't belong in cold B2B outreach regardless of spam filtering.
Complete List of Email Spam Trigger Words by Category
This list covers the most common words that trigger spam filters in cold email campaigns. It's not exhaustive — filters update constantly — but these are the ones worth actively avoiding.
Financial / Money
- Free money
- Make money fast
- Make money online
- Cash bonus
- Earn extra cash
- Double your income
- Earn $$$
- Financial freedom
- Get paid
- No cost
- Risk-free
- 100% free
- Free gift
- Free trial (in subject lines especially)
- No hidden fees
- No investment needed
- Pure profit
- Pennies a day
- Billion dollar
- Million dollar
- Loan
- Refinance
- Consolidate debt
- Credit card offers
- Mortgage rates
Urgency / Pressure
- Act now
- Act immediately
- Don't miss out
- Don't hesitate
- Expires today
- Expiring soon
- Last chance
- Limited time
- Limited time offer
- Now or never
- Offer expires
- Once in a lifetime
- Only today
- Respond immediately
- Urgent
- While supplies last
- While stocks last
- Today only
- Time sensitive
Promotional / Marketing
- Buy now
- Buy direct
- Click here
- Click below
- Order now
- Order today
- Special offer
- Special promotion
- Discount
- Save big
- Save up to
- Clearance
- Sale ends
- Best price
- Lowest price
- Price drop
- Exclusive deal
- Amazing offer
- Incredible deal
- Bargain
- Free sample
- Gift certificate
Vague / Sensational / Self-Defeating
- This isn't spam
- Not spam
- You've been selected
- You are a winner
- Congratulations
- Guaranteed
- 100% guaranteed
- Results guaranteed
- Satisfaction guaranteed
- No catch
- No gimmick
- As seen on
- Incredible
- Revolutionary
- Breakthrough
- Amazing
- Believe it or not
- This is not a scam
- Opportunity of a lifetime
- Increase sales (standalone in subject)
- Lose weight
- Cure
- Weight loss
- Miracle
Subject Line Specific Triggers
- Re: (when it's not actually a reply)
- Fw: (when it's not a forward)
- Free (as the first word)
- Reminder (when there's no prior relationship)
- Congratulations
- You've won
- Claim your
- Winner
- Verify now
- Confirm your
Words That Are Contextually Fine vs. Always Dangerous
Not every word on a spam list will automatically kill your email. Context and accumulation matter. Here's how to think about it.
Always dangerous, no matter what: "This isn't spam," "you've been selected," fake Re: or Fw: in subject lines, "$$$ / earn money fast / financial freedom" type phrases, and anything that pattern-matches to sweepstakes or lottery language ("you're a winner," "claim your prize"). These patterns have near-zero legitimate use in cold outreach and will hurt you every time.
Contextually dangerous — avoid in subject lines, use carefully in body: "Free," "discount," "guaranteed," "limited time," "exclusive." These words are fine on a SaaS landing page. In cold email subject lines they're a liability. In the body of a well-written, conversational email from a healthy domain, a single instance of "free" probably doesn't tank you. But stack two or three of these in the same email and you're adding up spam score points fast.
Fine when used naturally: "Save time," "results," "schedule a call," "reply to this email," "quick question." These read like a normal human wrote them. The filter pattern-matches to context, not just to individual words. "Schedule a call" in a genuine B2B outreach email isn't a trigger. "Schedule a call NOW before this offer expires" absolutely is.
The practical rule: write like you're emailing a colleague you haven't met yet. Would you send that phrase to a peer you're trying to build a relationship with? If it sounds like a TV commercial, rewrite it.
How to Test Your Emails for Spam Before Sending
There are a few tools worth knowing for pre-send spam testing. None of them are perfect, but they'll catch the obvious stuff.
Mail-Tester (mail-tester.com) — Send a test email to the address they give you and you'll get a score out of 10 with a breakdown. Free for a few tests per day. Good for catching basic content and authentication issues.
GlockApps — More serious tool. Tests deliverability across multiple providers (Gmail, Outlook, Yahoo) and shows you inbox vs. spam placement. Costs money but worth it if you're sending at volume.
Postmaster Tools (Google) — Not a pre-send tester, but the most important monitoring tool for Gmail deliverability. If you're not watching your domain reputation and spam rate in Postmaster Tools, you're flying blind. Set it up for every sending domain.
MXToolbox — For authentication verification. Checks that your SPF, DKIM, and DMARC are configured correctly. Run this on every new domain before you send.
The move is to test any new sequence template before you scale it. Don't fire off 10,000 emails on a new sequence without sending 20-30 test emails across different mail providers first. That's how you find out your DKIM is broken before it torches your domain reputation.
What Actually Matters More: Infrastructure Is the Real Variable in Cold Email Deliverability
Look, I want to be straight with you here because most of what you'll read on this topic stops at the word list. And if you just avoid "free money" and "act now" in your subject lines, you've done maybe 10% of the work that actually determines whether your emails land in the inbox.
We run 217,600+ inboxes through ScaledMail and manage 25-30 active campaigns at Beanstalk at any given time. What we actually see in practice: campaigns that have perfectly clean copy still fail when the infrastructure is wrong. And campaigns with decent-but-not-perfect copy succeed consistently when the infrastructure is dialed in.
Here's what infrastructure means in this context:
Domain age and reputation. Fresh domains need a warmup period before you send at volume. Running 100 emails per day on a week-old domain is how you burn it. We ramp new Google Workspace inboxes over 2-4 weeks, starting at 5-10 emails per day, before pushing to 25/day — the realistic ceiling for warmed Google inboxes. On Microsoft 365, you can run up to 25 inboxes per domain, which gives you serious sending volume without overloading any single domain's reputation.
Authentication records. SPF, DKIM, and DMARC aren't optional. An email without proper authentication gets treated with suspicion regardless of what the body says. DMARC at minimum in monitoring mode. DKIM properly signed. SPF record that matches your sending infrastructure. If any of these are broken or misconfigured, no amount of clean copy saves you.
Bounce rate and spam complaint rate. Keep bounces under 2%. This is non-negotiable. Sending to a list with 10% invalid addresses tells every filter you've scraped a list, not built one. And the spam complaint rate — anything above 0.1% with Google starts affecting your deliverability. Above 0.3% and you're getting routed to spam across your whole domain. These numbers have to be monitored in real time, not checked monthly.
Warmup and volume management. Consistent, gradual sending is the play. Spikes are red flags. A domain that sends 5 emails Monday and 500 emails Tuesday looks exactly like a compromised account or a spam operation, because those are the things that create that pattern. Build volume slowly. Use infrastructure that manages this for you so you don't have to think about it for every campaign.
To give you an idea of scale: we manage DNS setup, domain provisioning, inbox warmup, and real-time monitoring across all of our infrastructure. The deliverability numbers we see from properly managed infrastructure versus set-it-and-forget-it sending aren't even in the same ballpark. If you're serious about cold email deliverability, the infrastructure conversation has to come before the copy conversation.
For more on building the foundation right, check out our cold email deliverability guides.
FAQ: Cold Email Spam Trigger Words
Does using one spam trigger word automatically send my email to spam?
No. Modern spam filters use scoring models, not keyword blocklists. A single trigger word in an otherwise clean email from a healthy domain is unlikely to cause a problem on its own. The risk compounds when you combine multiple trigger words, have authentication issues, or have a damaged sending reputation. That said, certain phrases — like "this isn't spam" or a fake Re: in a subject line — are high enough risk that one instance can matter.
Are there words that trigger spam filters in subject lines but are fine in the body?
Yes. Subject lines carry heavier weight because that's where spammers historically front-load their hooks. "Free" in a subject line is a known trigger. The same word naturally placed in a conversational email body is lower risk. Urgency phrases like "act now" are especially dangerous in subject lines. In the body of a longer, conversational email, a single instance matters less — though you should still avoid stacking them.
What spam trigger words should I absolutely never use in cold email?
The ones with essentially no legitimate use case in B2B cold outreach: "this isn't spam," "you've been selected," fake Re: or Fw: subject lines, and anything that pattern-matches to sweepstakes or lottery language ("you're a winner," "claim your prize"). These patterns exist almost exclusively in scam email, so filters treat them as near-certain spam signals. Financial promise clusters — "free money," "make money fast," "earn $$$" — are in the same category.
I avoided all spam trigger words but my emails are still going to spam. What's wrong?
Almost certainly an infrastructure problem. In order of what to check: (1) Are SPF, DKIM, and DMARC properly configured for your sending domains? (2) What is your domain reputation in Google Postmaster Tools? (3) What is your bounce rate — if it's above 2%, your list has quality issues. (4) How old are your sending domains and have they been properly warmed? (5) Are you sending too many emails per inbox per day? These variables collectively dwarf the impact of copy in determining deliverability.
How often do spam filter word lists change?
The specific keywords that move the needle shift over time as spam patterns evolve, but the categories are stable. Financial promises, fake urgency, promotional broadcast language, and sensational claims have been spam indicators for 20+ years and they're not going anywhere. Focus on writing like a human talking to another human, run periodic tests through mail-tester or GlockApps on new sequences, and monitor your Postmaster Tools domain reputation continuously. That's a more durable approach than chasing an updated word list.
Conclusion: Get the Words Right, But Win on Infrastructure
Avoiding cold email spam trigger words is real and worth doing. The lists above are accurate, the categories are meaningful, and cleaning up your copy will move your spam score in the right direction. Don't use "free money," don't fake urgency, don't write like a promotional mailer. Write like a person.
But if you take one thing from this: copy is the last thing you fix, not the first. Get your infrastructure right — proper domains, correct authentication records, managed warmup, monitored complaint rates. Keep bounces under 2% and spam complaints under 0.1%. Send consistent volume that doesn't spike. Then dial in your copy. In that order.
If you want to stop guessing and actually build the sending infrastructure that gives your campaigns a real shot at the inbox, set up your sending infrastructure with ScaledMail. We handle the DNS, the domains, the warmup, and the monitoring — so you can focus on the campaigns.
