How to Deal with Spam Mail

One of the downsides of email is being bombarded by spam.

It is ok to receive the occasional unsolicited email from company XYZ advertising products ABC, but when one is forced to wade through variants of the same email advertising the same dodgy stock, questionable pharmaceuticals, lottery scams etc, then it becomes extremely annoying, especially when these emails are received in large quantities.

One is forced to check through all emails received, including the spam, just in case a legitimate email is hidden somewhere between 100 messages espousing the wonders of some or other stock.

Fighting spam poses a significant cost to any organization, either directly from the extra loads on administrators and employees as well as recovering emails falsely identified, or paying for the waste of bandwidth and addressing security risks posed by phishing, scripts and viruses.

While tools to fight spam are continually being improved, Spammers always seem one step ahead of efforts to eradicate it. This could be compared to the chemists employed by athletic “drug cheats” who also always seem one step ahead of the authorities.

For example, Spammers use techniques such as embedding their “message” inside graphic images, using unique random email addresses so that all emails come from a unique source and, finally, filling the email with random words with no set pattern.

This means that each spam email is unique with no obvious identifying characteristics, making it very difficult for standard anti spam methodologies to block. This also makes it very difficult for users to know whether an email is legitimate or not.

Spammers also have become increasingly more aggressive and are using viruses to recruit “zombie machines” for Spammers. The zombie machines are mostly unsuspecting victims’ PCs, which have happened to contract the virus, opening them up to Spammers, who can then route spam emails through their machines.

Also techniques are increasingly being used to trick and intimidate unsuspecting recipients into taking action (that should actually be avoided)

Annoyances aside, however, the main aim of spam seems to be bypassing the filtering tools and getting users to open emails, rather than about getting them to “buy” the message contents – so it is often a malicious attempt to exhort money from the recipient by holding their data to ransom or tricking them into harvesting credit card and banking information for example.

Surely this is missing the point because no one in his/her right mind would buy from such a source, so why do it? And how do Spammers make money from spam? Well, further reading shows that the spam business is in fact quite lucrative.

So, this brings us to the question, what do you do about spam without giving up on emails altogether? Here are a few suggestions to help make the spam plague a little more tolerable:

  • 1. Use an email service (e.g. Microsoft 365 has spam tools that can be added to the online mailbox) provider that has SPAM filtering tools. Also not that fighting spam is sometimes more art than science. Mathematical filtering tools are used to analyse and predict the probability that an email is spam but sometimes gets it wrong – called a “false positive”. False positives need to be white listed.
  • 2. If you are receiving huge amounts of spam, it might be worth changing your email address (discontinuing the current one) and emailing all your legitimate contacts with your new address.
  • 3. Ensure that your primary email address does not appear on websites etc where it is accessible to spammers. Also be wary about using it when filling in forms on untrusted websites, chat rooms etc. Rather create a secondary email address for less secure services such as a free gmail account.
  • 4. Use spam filtering software tools on the network such as a Sophus Cyberoam with inbuilt spam tools. Also use an anti virus software that incorporates spam filtering on your laptop/PC.
  • 5. Change your website to use forms rather than emails for customer enquires/orders.
  • 6. When receiving an email you are not sure about, examine it carefully before opening an attachment, clicking on a link or filling in important information. Usually from the sender address or hovering your mouse over a link in the email should give clues that the email is spam. If there is a call to action that seems to come from your IT department, first check that it actually did come from your IT people.
  • 7. Never click a link to access your bank account or a secure site. Rather always enter the url directly in a browser