2016 Update on Spam

October 21, 2016

It’s been three years since our last article on Spam. We don’t do a lot of updates on spam because, frankly, not much has changed. There has been one new development in the world of spam, but the main reason we wanted to do an update on spam was for anyone who may have missed our previous articles on the subject.

In our original article about spam, we told you that it gets its name from a Monty Python skit. If you would like to watch that skit, click here. They repeat the word spam so many times in that skit, it is reminiscent of how spam repeats itself in your inbox.

Today I want to tell you about a new tactic spammers have started using. I also want to go back over what you can and should do about spam.

If you haven’t had your email account hacked and used to send spam, you probably know someone who has. When your email gets hacked and used to send spam, all you have to do is changed your password and security questions and that fixes it.

First of all, you should be aware that email is not safe. What I mean is, when you send an email, at least part, if not all, of your email’s journey to its destination is one in which the email can easily be intercepted and read by a program called a bot (short for robot). The email would continue on its journey to its destination, but the contents of the email can be read and analyzed by computer programs that harvest information from those emails.

The information they harvest can vary, but the most common information is who sent the email and who was the email sent to. Basically, they are harvesting email addresses. Some other computer programs harvest other information like personal information, credit card numbers, and passwords. That’s why you should NEVER send any sensitive information via email unless you can cleverly mask the information. The good news is that it is computer programs looking at the emails, not humans. So it’s pretty easy to embed information in an email in a way that a computer program wouldn’t recognize it. For example, if you send an email to someone and say: My password is 1234567, a computer program can be written that easily identifies that and reports back to its programmer what your password is. But you could send the same email and write it differently and it probably would not be picked up by a bot. For example, you could say: “I’m going to send you a separate blank email with the password in the subject line.” Then send them another email, put the password, and only the password in the subject line. Leave the body of the email blank and send it. A bot won’t know it’s a password. But I digress.

Once the spammers have harvested your email address and who you are sending email to, they will then send out an email to the same people you sent email to. They send the email out in a way so that, to the untrained eye, it looks like it’s from you. But in actuality, the email was not sent from your email account. At first you may think your email account has been hacked but in reality, it hasn’t been hacked. And that’s the worst thing about this new tactic. When your email account has been hacked, you can change your password and lock the hacker out. That won’t help in this case because the email wasn’t sent from your email account. Basically, there is absolutely nothing you can do about it. The good news, though, is that the spammers will only do this for a week or two and then they’ll move on to someone else and the problem will go away. They might come back to you occasionally though.

If you start getting emails from your friends and family telling you they are receiving spam from you and that your email has been hacked, it may or may not be true. Ask them to forward the email to you. If you know how to look at the email headers, look at them and see if the email was really sent from your email account or not. You can also forward it to us and we’ll look at it and let you know.

Other than that, not much has changed in the world of spam. The war continues between spammers and those that try to stop them. Those of us who fight against the spammers know that we can’t win the war. But we can significantly reduce the amount of spam each person has to deal with. If you get a lot of spam, be aware that you would get 100 times more spam if it weren’t for those who battle the spammers every day.

There was a time when 92% of all email was SPAM. Thanks to System Administrators and Anti-Spam software, that rate has fallen to around 45%. But the actual amount of spam that makes it to your inbox has probably increased. Here’s how it goes. Anti-spam software blocks spam. Spammers figure a way to get around it and spam gets through. Anti-spam figures out a way to block it. Spam goes down. Then spammers figure a way around it. Then…well, you get the idea. Lather, rinse, repeat. The never-ending spam battle.

You may be wondering why spammers send spam. Surely, in this day and age, everyone knows not to click on spam, open spam attachments, and so forth. While most people do know that, not everyone does. And spammers are tricky and good at what they do. They can fool us into thinking an email is legit. Because spam is so cheap and easy to send, spammers only need one person out of ten million to fall for a given spam to make it successful. So basically, spam works.

Here’s what you should know about dealing with spam on a daily basis:

  1. Don’t open spam.
    Before opening any email, look closely at who it’s from and the subject. Also look at the date and time. If you are suspicious, don’t open it.
  2. Don’t click on links, pictures, or anything inside a spam email.
  3. Don’t open attachments in spam.
  4. Never try to unsubscribe to spam email.
    (note: it is safe to unsubscribe from legitimate business emails.)
  5. If there is even one shred of doubt as to whether or not an email is legit, treat it as spam.
  6. Turn off email preview.
  7. Use built-in anti-spam or install anti-spam software.
    This is a big subject that we could devote an entire article to. If you use webmail, be sure and mark spam emails as spam so that similar spam won’t be delivered to your inbox in the future.
    If you read your email using an email client like Outlook, Windows Live Mail, or Thunderbird, we can install a free anti-spam product that will drastically reduce the amount of spam you have to deal with.

And most importantly, don’t waste any more time with spam than you have to. Quickly deal with your spam as outlined above and move on.

As always, if you have any questions or need help with any of this, don’t hesitate to contact us.

Leave a Reply

You must be logged in to post a comment.