For as long as people have been receiving emails, their inboxes have been congested with junk emails, known as spam emails. In the digital age, email has basically replaced traditional mail as people now receive email notifications for bills, bank account statements, doctor appointment reminders, and other important things. The use of email to take care of bills and finances especially, and the attachment of your email to your bank account has certainly caught the attention of cybercriminals. These criminals consistently send out spam emails, sometimes as part of a phishing scam, to get money and sensitive information including account numbers and passwords from victims.
Cybercriminals are not your typical criminals lurking in the dark and waiting for the right time to attack. They are seemingly normal, tech savvy people who may be crafting and sending spam emails while sitting out in the open in a coffee shop. These criminals have gotten very good at disguising their spam emails to look like official messages from a financial institution or government agency so that the victims feel obligated to open the messages. These emails typically contain an attachment or a link that they want you to click which is what starts the malicious action.
It is very important for individuals and businesses alike to recognize spam emails and phishing attempts to keep their sensitive information protected. This guide includes tips on how to identify spam emails and phishing attacks as well as the best ways to protect yourself and your business from these scams. Remember, cybercriminals are very tech savvy and they have gotten very good at creating official looking spam emails. This makes it very important to be vigilant for potential spam emails in your inbox.
What is Spam?
Spam emails are essentially junk mail that is sent out with malicious intent. Cybercriminals send spam emails in mass email blasts to reach as many potential victims as possible. These emails are typically disguised as official emails from banks, businesses, and government agencies and they contain a message urging recipients to respond to a pressing matter. The “pressing matter” may be something that sounds urgent like a compromised account or late payment notice.
Scammers are usually trying to accomplish one of the following with spam emails:
- Solicit a payment from the small percentage of people who give in to the request.
- Infect the computers of the recipients with a malicious code.
- Get sensitive information such as bank account numbers and passwords as part of a larger phishing scam.
There are several ways you can identify if an email is spam or not. Spam emails typically come from email addresses that are combinations of letters and numbers and they usually have generic or non-sensical subjects and greetings. Make sure you are familiar with all of the signs of email spam.
What is Phishing?
Phishing is the act of unleashing a cyber-attack to gain sensitive information or infect computers with viruses or malware through spam emails or malicious links. Cybercriminals target individuals, businesses, and institutions with these attacks which can also take place on social media platforms as well as through email. Phishing scams can be especially malicious which is why you must protect yourself from these scams.
Spear phishing attacks are specifically targeted, specialized attacks in which a cybercriminal infiltrates an entire system to collect information. Businesses and institutions are commonly targeted by spear phishing attacks because cybercriminals are usually after a customer or email list. Gaining access to this type of sensitive information will allow the criminals to attack the individuals on the customer list while appearing to be the business itself. They can make their emails look more authentic since they have already broken into the network and because their targets are customers of the business, they are more likely to take the email seriously.
Protecting Yourself from Spam Emails and Phishing
It is very important to know how to protect yourself or your business from spam email and phishing scams because the problems they cause can be very serious. The following tips will help you better protect yourself from these scams:
Create Multiple Email Addresses
It is recommended for individuals to create two separate emails addresses; one private email address and one public address. Use your private email address strictly for personal correspondence, do not post this email address anywhere publicly and do not use it to sign up for any mailing lists or online accounts. You should also get creative with your email address and not use obvious names. Many people use their first and last names for email addresses which are very easy for scammers to guess. Using a more unique email address will make it harder for scammers to figure out.
Your public email address is the one you should use for mailing lists, social media profiles, online banking, and other online services. When using your public email address, follow these tips to protect it from spam:
- Think of this email address as temporary because it is only a matter of time before spammers figure out your public address.
- Be ready to change your email address from time to time.
- Use multiple public email addresses each for different services so you can quickly identify the source of the spam.
Delete Suspicious Emails
While spam emails do sometimes look legitimate, there are still characteristics of spam that are easy to identify such as indecipherable sender email addresses, awkward wording, and strange URLs. Check the wording of the subject line and the email address of the sender before opening the email. If you have any suspicion at all, delete the email without opening it. Most email clients give you the option to report spam which will help reduce the amount of spam coming to your inbox.
Never Respond to Any Possible Spam Emails
Any type of response to a spam email will result in more spam or even worse consequences. Emails with amazing offers, urgent messages, or requests for personal information are likely to be spam so make sure you confirm that these emails are legitimate before giving any response. You can confirm the authenticity of an email by contacting the company or institution directly. You should never give any type of personal information in an email because legitimate businesses and institutions will never ask for your information this way. Do not click an “unsubscribe” button within the email either because this is one method spammers use to collect email addresses.
Use Unique User Names and Passwords
As mentioned above, spammers find targets by simply guessing obvious email addresses such as JaneDoe@domainname.com. Using unique user names instead of the simple first name – last name or first initial – last name formats will give you better protection against spammers. You should also create long, complex passwords that are difficult to guess. Make passwords out of phrases and use numbers and symbols. A shocking amount of people use something simple like “12345” or “password” as their passwords which are highly vulnerable to cybercriminals.
Use Available Protection Technology
There are several ways you can protect yourself using technology that is available to you:
- Make sure your computers are protected with top rated anti-virus or security software.
- Use spam filters in your email inbox to help reduce the amount of spam emails that reach your inbox. Check your spam or junk folder often to make sure legitimate emails are not being labeled as spam by the filters.
- Use additional security tools such as security keys and biometrics for further protection.
- Use the latest updated versions of all security programs and your internet browser. You can even set up programs such as Office 365 to provide better protection against spam emails.
- Report instances of spam or phishing. Email clients typically allow you to report spam directly in your inbox. You can report instances of phishing through the Anti-Phishing Working Group (APWG).
Victims of Phishing or Spam
If you have fallen victim to spam emails or a phishing scam, make sure you take the following steps immediately:
- Report it to those within your organization that can watch for suspicious activity and take action.
- Call your bank or credit card company to cancel your accounts if they have been compromised.
- Monitor your accounts for unauthorized changes.
- Report the attack to local law enforcement or watchdog institutions such as the Internet Crime Complaint Center or the Federal Trade Commission.
Be Smart and Stay Protected
The best thing you can do to protect yourself from spam emails and phishing scams is educate yourself on what they are and what they look like and be smart about how you protect yourself and deal with possible spam emails. Adding some extra security to your accounts and taking safer actions online will help you avoid these malicious attacks.