Spam – We all get it. We all hate it. It can flood our inboxes and cause us to miss important messages. We all know someone, or maybe you are someone who has 50,000 plus unopened emails on a personal account. That is often due to giving an email out too many times on different retail sites in the hopes of saving a few bucks here or there. Websites make it far too easy to simply type in your email for that extra 10% off!

Unfortunately, many websites are not as trustworthy as they seem and will often sell your data to the highest bidder. That’s how you get emails from sites that you don’t even recall visiting. Also, be especially wary of submitting your email to sites that you aren’t purchasing from. Something important I like to keep in mind is: if you aren’t the customer, you’re the product.

Employers depend on their workers' business email hygiene being considerably cleaner than their personal email hygiene. While it may seem like a no-brainer that employees should be handling their work emails a certain way, there's a reason email security is such a hot topic in the cybersecurity industry. Everyone needs to be aware of the dangers that spam can pose and how to keep it out of their accounts.

Why Is Spam Taking Over Your Email?

It really is simple. Spammers send emails because it works. If a spammer sends out ten million emails and only one person makes a purchase, the spammer has still made a profit. Email campaigns are cheap to send out, and spammers do not need a high success rate to make it worthwhile. Spamming people on their business accounts is also not off-limits either.

Spam, Scams, and Phishing

Spam email and phishing scams are very similar, and they tend to go hand in hand. They both involve sending mass unwanted emails to try and get the recipient to perform an action that the sender can profit off of. The main difference is that phishing emails are more involved and require more skill on the perpetrator's part. Phishing emails are often designed by a cybercriminal to cause harm to an individual or organization and attempt to obtain sensitive information. They are disguised to look as though they come from a trusted source, so a certain amount of trickery is involved there as well.

Perhaps you may have heard of the Nigerian Scam, also known as the advance fee scam. You receive an email from a ‘powerful official’ attempting to move a large sum of money out of their country. The person promises you a large amount of money for your help. Once you engage with them, they use different techniques to scam money from you. By the time you realize what is happening, it's too late. On top of that, they’ve sent the same email to hundreds if not thousands of others, and who knows how many more victims have fallen for the trap.

You may think there's no way you or anyone would fall victim to such a scam. However, the fact that 36% of data breaches involve phishing and that organizations lose millions of dollars every year to these scams says otherwise.

How to Stop Spam

• • Most email clients come with a spam filter for your protection, so you’ll want to make sure it’s enabled. If you use Gmail, there is a report spam button at the top of the page as well for your convenience. For Yahoo Mail, it is at the bottom of the page. For Outlook mail, right-click on the message, choose junk, then block the sender. You can determine the level of tolerance your spam filter has. Go to the Home tab at the top of Outlook, click junk, select junk email options.
  • Another way to stop receiving unwanted emails is to simply unsubscribe.
  • Do not post your email publicly. Spammers love to search the internet looking for publicly posted email addresses.
  • Do not reply to a spam message. If you do, you've just let the spammer know that they have hit an active account, and they will most likely put extra energy into targeting your email. Hackers often use this tactic.
  • Be more cautious about giving out your email.
  • Try to avoid creating so many accounts online. If you must, look at the website's privacy policies and whether they will share your information.
  • Do not end up on compromised email databases. This might sound more challenging, but with increased security practices like strong passwords and multi-factor authentication, this risk can be reduced significantly. You can use the site haveibeenpwned.com to check if your email address is already on one of these compromised email databases.

Are You Spamming Others Without Realizing It?

With the enforcement of GDPR guidelines and CAN-SPAM requirements, be cautious that you or your employees are not violating any regulations. The last thing you want is to end up with hefty fines. A few best practices to put in place when sending out cold emails are to:

• Give an opt-out option
• Deliver clear value and do not automate everything
• Build rapport, be friendly, and establish trust with your consumer by trying to understand their pain points

Some Famous Spams or "Urban Legends"

ScamBusters.org provides many examples of urban legends or scam emails. There are several interesting examples of emails that have offers that were too good to be true.

You or someone you know may have fallen victim to the famous spam email that went out claiming to be from Bath & Body Works. It urged the recipient to forward the email to 13 people, and in return, the original recipient would receive a $50 Bath & Body Works gift card. Always trust your instincts. When an offer like this sounds too good to be true, it almost always is!

Be Careful not to Hurt Legitimate Email Senders

Be careful not to click "Report Spam" every time you receive an email that you've decided you no longer wish to receive, as tempting as that may be. That approach not only hurts legitimate email senders but, it hurts those who legitimately want to receive it. For example, if you receive a newsletter that you opted in for but now decided that your email box is filling up too quickly and you no longer want it, opt to unsubscribe. If you report legitimate emails as spam, you teach the spam filter to recognize that email as spam. Then the legitimate email will end up in the spam folder of those who wanted to receive it. This shortcut hurts both publishers and consumers.

If you or your employees are already overwhelmed by the amount of spam you're receiving, you can always start fresh with a new account. Ultimately, ongoing communication and educating your employees on relevant topics such as email best practices is a great defense. TechGuard Security offers training courses on email best practices and even phishing simulations. Learn how we can help your organization practice better cyber hygiene and avoid becoming the victim of scammers and phishers.