How to Defend Yourself Against Spam Email

Spam email isn’t just an inconvenience. It’s also a big security risk to your online business. If you recently received a spam email, you can take heart in knowing you’re not alone. In fact, of the 107 trillion emails sent out each year, 89 percent of them is spam. The more you know, the better you can protect yourself, your business and your customers against malicious emails.

How are spammers getting my email address?

One of the most common questions people ask is “How did they get my email in the first place?” Often, spammers will harvest email addresses from mailing lists, websites, yellow pages, social networks and more. Sometimes they even guess email addresses based on popular email providers and commonly used email formats, like firstname.lastname@domain.com.

However, these tactics give spammers lots of invalid, malformed or undeliverable email addresses. So to find out which ones are valid, spammers send emails with web beacons.

So, what is a email web beacon? It’s a very small or invisible image embedded in an email which, when downloaded, automatically reports to the sender that the email has been opened by the recipient. Web beacons can also collect additional information about the recipient, such as time of reading and IP address.

In other words, when you open a spam email, you risk verifying that your email address is valid. Once your email address been verified, you can bet that you’ll be receiving a lot more spam.

What can I do about it?

Thankfully, most browsers nowadays have caught on to the email web beacon tactic and now block external images by default.

However, spammers can still use other techniques to validate your address, like an email header option that requests a confirmation email be sent to the sender when the spam email has been opened.

So, when it comes to defending yourself from malicious email, the absolute best practice is to permanently delete suspicious emails without opening or previewing them.

If you’re unsure about the legitimacy of the email and decide to open it, you can do it safely by converting the email message to plain text format.

Viewing emails in plain text disables all HTML code, which is great for two reasons:

1. Any malicious code will be disabled.
   
   
2. All hyperlinks will be displayed with the exact URLs that they point you to.

REMEMBER:

Never click on untrusted links or open any suspicious attachments.

What if it’s a phishing scam?

Phishing emails are emails that look like they’re from a legitimate sender, but have links in them that take you to a fraudulent website and entice you to enter personal information. Typically in a phishing email, the hyperlink’s visible text doesn’t match the URL of the page where it actually takes you.

There are two ways you can check the legitimacy of a link:

1. Right click on the link and select “Copy link address” or “Copy link location”, then paste that address in a blank Notepad file.
   
   
2. For Chrome, Firefox, IE and Outlook: Hover over the hyperlink and see if the URL that appears in the lower left hand corner of your window is where you want to go.

Although malicious emails may be headed your way, you can disarm all spam emails and phishing scams with awareness, a little caution and your delete button.

SOURCE: Volusion