No one likes receiving spam emails. Not only are they annoying and time-consuming, but they can also be dangerous. It’s estimated that 94% of malware is delivered by spam emails, and other potential dangers include spyware, phishing, and ransomware.
Loosely defined, spam refers to messages you don’t want to receive, which tend to be either commercial or deceptive in nature. Spam is as old as the internet, and despite considerable efforts to overcome it, it remains a problem. In this overview, we explain how to identify spam, how to report spam, how to block unwanted messages, and how to prevent spam.
Sometimes it’s obvious when a message is spam. However, if it isn’t immediately apparent, there are some helpful signs you can look for:
Check the sender’s address
Most spam comes from email addresses that don’t make sense or appear as gibberish – for example, amazondeals@tX94002222aitx2.com or similar. By hovering over the sender's name, which itself may be spelled oddly, you can see the full email address. If you’re not sure if an email address is legitimate or not, you can put it into a search engine it to check.
Consider what kind of information is being requested
Legitimate companies don’t contact you out of the blue via unsolicited emails to ask you for personal information such as banking or credit card details, Social Security number and so on. In general, unsolicited messages telling you to 'verify account details' or 'update your account information' should be treated with caution.
If you need to, navigate to the relevant website yourself – by typing the URL directly into your browser or searching for it via a search engine – and log in to your account without clicking on the link in the email.
Be wary if the message is creating a sense of urgency
Spammers often try to apply pressure by creating a sense of urgency. For example, the subject line may contain words like “urgent” or “immediate action required” – to pressure you into acting.
Check whether the email uses your name
Although some spam messages are sophisticated, a potential red flag is being addressed in vague terms, like “Dear Valued Customer” and so on. Legitimate companies to which you have subscribed will know your name and will address emails accordingly.
Check grammar and spelling
Typos and bad grammar are red flags. So too are odd phrasing or unusual syntax, which might result from the email being translated back and forth through Google Translate several times.
Be wary of attachments
Legitimate organizations avoid sending unsolicited emails with attachments since these are known to carry malware. If you receive an email from an unknown sender urging you to open an attachment, this is a sign of spam. Avoid opening attachments in unknown emails in case they download malware onto your device.
Spam emails fall into different categories. Some of the most common examples include:
While spam filters – which we explain below – can help reduce spam, there are some email best practices you can follow to prevent spam from reaching you in the first place. These include:
Be selective about what you sign up to:
Only disclose your email address to organizations you trust. When you do share it, only opt-in to newsletters that you want to receive. Remember, reputable companies will make unsubscribing from marketing emails easy and transparent.
Be careful about how you share your email address:
We all share our email address with friends, family, and work contacts. But avoid posting it on public forums or on social media, where bots and spammers may capture it. Try to use your email address for as few services as possible – only the ones you genuinely use.
Use different email addresses for different purposes:
For example, an email address for work, another for close friends and family, and another more disposable one for sign-ups and subscriptions. If the latter is breached, you can abandon it, and it doesn’t pose a risk to your other accounts.
Be careful how you react to spam messages:
If you can avoid doing so, it’s best not to click on or open spam messages. When in doubt, be cautious by deleting messages you are unsure of. Never reply to a spam message – doing so alerts the scammers that yours is a live email address and invites yet more spam. Never click on links or open attachments in spam emails to avoid downloading malware or falling victim to a phishing attack.
Should you unsubscribe from spam emails?
If it’s a marketing newsletter from a company you know, which you no longer want to subscribe to, then you can hit unsubscribe. However, if it’s a spam email, it’s best not to unsubscribe (assuming it even offers this option). This is because any interaction with spammers is bad – unsubscribing lets them know you’re a potential prospect. In some cases, the unsubscribe link itself could be dangerous. It’s best to delete spam emails or using spam filtering or blocking.
Simply deleting spam emails won’t stop others from appearing in your inbox. But you can train your email provider to recognize which emails you would like to see and which you don’t. You can do this by using spam reporting features, which vary by the email provider. Some well-known examples include:
To report a message as spam in the Gmail app for Android and iOS mobile devices:
Over time, your inbox should learn to automatically filter any emails like the ones you have been flagging into your spam folder, which will probably delete anything that’s been in there for longer than 30 days.
It’s also a good idea to look at your spam folder occasionally to make sure that any emails you do want aren't ending up in there by mistake.
As well as marking messages as spam, setting up spam filters is another way to combat spam. Again, they vary by email provider – some examples include:
To configure the Gmail spam filter:
To configure the Outlook.com spam filter:
To configure Apple Mail spam filter:
To configure the Thunderbird spam filter:
Sometimes, blocking may be a better option when you want to stop receiving messages from unwanted senders. The time to block is when you no longer wish to receive messages from individual senders – these emails won’t look like typical spam, so they may confuse the spam filter more than they help. By contrast, spam emails don’t usually have identifiable email addresses that remain the same, so blocking won't stem the flow of spam.
The process for blocking is different for each email provider and device. For example:
Blocking unwanted emails using iPhone Contacts:
You can unblock senders by going to Settings > Mail > Blocked. Find the name of the blocked sender and hit Unblock.
As well as practicing good email security, using spam filters, and blocking unwanted messages, here are three further steps you can take:
Enable multi-factor authentication
Using multi-factor or two-factor authentication means even if a phishing attack compromises your username and password, hackers won't be able to overcome the additional authentication requirements tied to your account.
Your email service provider may have its own filter, but using it with anti-spam software can provide an additional layer of cybersecurity. This is because emails travel through two spam filters before they reach your inbox. So if junk gets through one spam filter, the other should catch it. Look for an anti-spam filter that works with your email provider.
Use comprehensive antivirus software
Suppose you do fall victim to a spam email by clicking on a malicious link or inadvertently downloading malware. In that case, a good antivirus solution such as Kaspersky Total Security will recognize the malware and prevent it from damaging your device or network.