Mass-Email marketers work on the theory that it costs next to nothing to send a million emails, so if only one in 100,000 people is unwary enough to reply or act on their spam, then they are making money. Unfortunately, that also means that we all have to wade through tons of unwanted spam – and spam senders are constantly trying strategies to fool us into thinking that their mail is important or interesting so we’ll open it.
Hopefully, your mail service provider has anti-spam filters on your account so you don’t get all of the spam that is addressed to you. Ask them to find out what they have in place.
When a message gets through, how do you decide whether it is spam or not? You don’t want to open spam emails – the content may be offensive, or it may contain malware as an attachment, weblink or download. Your best action with spam is to delete it without opening the message.
Here are a few guidelines to identifying spam;
- It is from someone you do not know.
- But there’s a problem with this – if a piece of malware is on a friend’s machine, or someone has hacked their hotmail, yahoo or gmail account, you could be getting spam with your friend’s legitimate address.
- The email is addressed to someone who is not you, or addressed to your email prefix.
- Examples:
“Dear sales” when addressed to sales@mydomain.com
To “undisclosed recipients”
To “my friend”
To “Sir/Ma” – for some reason, spammers often make this error. - The email is from your own address. It is trivial for spammers to falsify the From and Reply To: account information on an email. The spammer is counting on the fact that your spam filters will not block your own address or domain.
- Example: Email to sales@mydomain.com from sales@mydomain.com
- The email contains foreign characters.
- The email subject conveys a sense of urgency to open it. As soon as you see “OMG you have to see this right now”, your defensive instincts should slam on the brakes. The spammer is hoping that excitement will override your common sense.
- The email subject implies bad consequences for not opening/replying.
- Examples:
“Final notice re: your invoice”
“Your login will be suspended”
“Fraudulent activity on your account”
“Please respond to your recent job application” - The email is from a financial institution or a company that does business online – especially if it says that an action is required to confirm your account information or reset your password. Even if the email is from your bank or a company you do business with, be aware that Phishing (simulating the addresses and look of a real business) is a major way that criminals use to steal account names and passwords.
- Examples:
“Confirm your account information”
“Your undelivered FedEx package”
“Your Amazon order is delayed”
“Your bill is now available” - Rule: Your bank will never ask you to log onto your account through an email link. Always log onto a banking or ecommerce website account manually in your web browser, never from a link in an email.
- The subject hits a ‘hot topic’ button
- Examples:
“Approve this charge to your credit card” < this is a great one because your immediate reaction is “I never bought anything – I need to find out who is cheating me”
“Please respond to your recent job application”
“Your income tax return”
“Someone is saying something bad about you on Facebook” - The email subject is blank or the From or To field is blank.
- The email implies that someone wants to be friends or has seen your picture online, is offering you to see pictures or video online, or complements you on a blog post (which you may or may not have made).
- Rule: If you have a legitimate invitation from Facebook or another social site, then it will be in your messages when you log into your social account. Do not follow the email link.
- The email offers money or says you have won something
- The same email is received multiple times, or at multiple accounts at the same time, or from different senders at different times.