How to Protect Yourself From Spam
Every year spam loses its advertising component more and more, and becomes more and more criminalized. The prerequisite for this process is the anonymity of spam mailings, which creates the illusion of complete impunity.
Such types of criminalized mail as Nigerian letters and phishing are widely known. Spammers are rarely active in inventing new objects of attacks and “baits” for the user. Especially often spam can be caught on the platforms of online stores or online casinos, so try to carefully study the sites before clicking on the link and use only trusted sources, for example, casino live.
In addition, the services of spammers are readily used by virus writers who, using spam emails, distribute their creations or links to infected sites where users are lured under one pretext or another. The result of receiving such spam is the same: the risk of infecting the user’s computer with malware.
Experts estimate the total losses from spam at several tens of billions of dollars annually. As a result, spam protection has proven to be not just desirable, but urgently needed. If you don’t limit spam and spammers, then the use of email will come to a standstill. We simply will not be able to use it for its intended purpose, everything will be inundated with spam.
In today’s world, spam protection is as much a necessary part of the overall IT security system as anti-virus protection.
It’s widely believed that spam is not a dangerous phenomenon for both private users and organizations. And in fact, it would seem, what can be really harmful, even if annoying, but still, in essence, nothing but a waste of time, not threatening advertising messages coming by email, ICQ, or even through SMS messages? Unfortunately, such rosy ideas about spam are not at all true – in fact, spam is a rather insidious phenomenon, the danger of which is often underestimated.
The first and most obvious of the threats posed by spam is the waste of time needed to search for information, filter messages, and so on. Agree that finding a letter from a client in a pile of flyers is much more difficult than on a clean desk. It’s the same with e-mail: because of the spam that clogs mailboxes to the eyeballs, it’s hard to find really important letters. Search engine spam is especially dangerous in this regard, since, unlike email spam, it’s practically impossible to filter it automatically, and the user is forced to manually select the links he needs among the “search garbage”.
The second threat lies in the content of spam emails. Unfortunately, not all of them contain ads – some of them are accompanied by much less harmless attachments that can infect a user’s computer and jeopardize corporate information security. Many emails contain links to infected pages, and by clicking on this link, the user risks no less than when downloading an infected attachment to their computer. In order for more users to follow such links, spammers disguise their mailings as letters from well-known online services.
Not the most obvious threat from spam is the increased load on the network and increased volumes of traffic, which requires additional computing power to process it. Since, according to experts, on a global scale, the share of spam in email traffic is up to 95% on different days, it’s easy to imagine what additional load spam creates on the network infrastructure.
Also, junk emails are harmful because of the possibility of losing important information due to the clogging of the mailbox to the limit, congestion of the network channel, erroneous operation of the filtering system, which considered an important letter to be spam and sent it to the trash can. All these risks are quite difficult to express in terms of money, but it is obvious that an urgent letter lost due to spam means a significant amount of lost profit even for a large organization.
From the above, it can be understood that spam is still not as harmless as many people think, and that protection against it should become part of an organization’s unified information security strategy.
Safe and Dangerous Spam
Spam messages can be conditionally divided into safe and dangerous. The former are harmless to the user and carry only an informational load, while the latter can lead to unpleasant consequences.
Advertising of legal products. These are regular advertisements that a business sends to users without their consent. The letters tell about the benefits and benefits of a product or service, inform about discounts and promotions.
Advertising of prohibited products. In Russia, you cannot advertise certain types of goods and services (tobacco, drugs). Official advertising of such products is prohibited, so spam is used to promote them.
Spam to fight competitors. The topics of the messages are related to politics or business. Letters are sent to defame a competitor and undermine his reputation.
“Letters of Happiness” “Send this message to 5 friends and you’ll be rich very soon.” Spam of this kind allows you to collect or replenish the database of contacts for further mailings.
Phishing. This is a fraudulent scheme to obtain users’ personal data. On behalf of a well-known organization, bank or store, the attackers send a letter to a person with unpleasant news: “a loan has been issued for you”, “your account has been blocked”, “you have an unpaid fine”.
To solve the problem, it is proposed to follow the link to the site and leave personal information, such as bank details or authorization data. The resource itself is fake, but very similar to the original. Inattentive users do not notice the difference and enter the necessary information, after which the information falls into the hands of fraudsters.
How to Deal With Spam
To protect yourself from annoying and dangerous spam messages, follow these guidelines:
- Don’t publish your contacts in the public domain on websites and social networks. Do not give your phone number and mailing address to questionable companies and organizations.
- Come up with complex passwords. Combine uppercase and lowercase letters, numbers and symbols. Don’t use the same password for different accounts.
- Enable two-factor authentication for social networks and mailboxes. In this case, it will be possible to log into your account from a new IP address only using a confirmation code that will be sent to your phone.
- If the unwanted email does end up in your inbox, mark it as spam. All subsequent emails from this sender will automatically be considered spam.
- Don’t click on links or open attachments in suspicious messages: they may contain viruses.
- Choose reliable email services with quality spam filters. Customize your own filters: many services have this option.
Spam messages often contain attachments, such as a new clothing catalog or a listing of discounted items.
Don’t open attachments unless you know for sure that the email is safe. Emails with “interesting offers” from unknown senders should be immediately marked as spam and deleted.
However, you may receive a malicious attachment from a colleague or friend if their account has been hacked. Anything can be in a malicious attachment and it can be called differently, for example, “pay slip” or “photos from our meeting.” In this case, evaluate the context of the email and, before clicking the attachment, check the legitimacy of the message in another way, such as by phone.
Pay attention to the type of the attached file. There is an extensive list of dangerous files such as .exe, .xlsm, .vbs, .wsf, .cpl, .cmd, .scr, .js. Pay attention to the file names. The file named “example.exe.jpg” is not an image. This is a simple trick.
Current and Urgent Topics
If the subject and heading of the email scream about urgency, for example, encourage you to buy a product right now, with a 90% discount and a “GIFT” promo code, most likely this is phishing. Messages a la “urgently update information on any state portal” are also suspicious.
Fraudsters use relevant and painful (sometimes in the literal sense of the word) topics, because users respond better to them. So, in 2020, attackers speculated on the topic of coronavirus. They sent out millions of emails advertising medical masks and disinfectants at low cost, offering “government” relief measures or free tests on behalf of medical institutions.
The sender’s address and name is something you should always pay attention to. Simple spam usually comes from companies unknown to you or from non-standard sender addresses (strange combinations of numbers and letters, you must have seen them).
But in social engineering attacks, cybercriminals use names and email addresses that look believable and legitimate. One replaced letter in the address is easy to miss.
Spam can not only irritate and clog your inbox, but also carry a threat to information security.