SPAM – Part 3

Continuing with this series we are going to look at:

  • how we can spot SPAM and tell the difference from legitimate email
  • adjust our emailing habits to protect our email identities

Things have moved on significantly since those early days back in 1990. Email remains the killer messaging app in terms of sheer volume of users and data. Whatsapp, Facebook Messenger and all the others combined don’t even come close. Global estimates put email users somewhere between 3.5-4 billion with 250 billion messages per day. It’s easy to see why a spammer is so attracted to this marketing exploitation.

Before we talk about how to identify SPAM, let’s think about the goal of the spammer; to get you to click on a link, any link in the email. The moment you click you have verified that your email address is legitimate to the spammer i.e. there is a real person behind your email address. Instead of reacting to the email, send it your Junk filter.

Different types of SPAM are easier to spot than others. Traditionally SPAM emails are little more than adverts for alternative health products, penny stocks, financial services etc. These are easy to spot. More insidious is the ‘phishing’ type of SPAM email. Have a look at the image below: is it genuine?

The astute among you will notice that the Amazon logo is not displayed. This is because I set my mail application to not load any external links/graphics etc. automatically as a precaution;

So, it looks pretty genuine on the face of it, except that I have not purchased anything from Amazon. So how can we tell? Well, in the image above all the words in blue are links to external web sites/servers. So we might assume that those links point to amazon’s servers. In your email client, being careful not to click, hover your mouse over those links to reveal the true destination e.g.

Here we see that hovering the mouse over the “Order Details” reveal this link will take us to mileageindia.com, not amazon.com as we would expect. Oh dear.

Let’s take an even deeper look at the origins of this email. Behind every simple or fancy looking email are what’s call the email headers. These headers tell the whole story (and reveal the truths) of the journey of every email.

See here for instructions for revealing email headers in various email apps.

Lots of gobbledygook here so let’s look at the first line. Although the email reply to address says “auto-confirm @ amazon.com” the email headers reveal the truth; that if you replied to this email it would go instead to “f.marmol- @ -trendnet.com”. Red flag number one. This email is not from whom it pretends to be. Looking at the “Received From:” header lines we can see that this email was sent via a mail server with the domain name “reflexion.net” – which does not handle email for amazon.com. So.. off to the Junk folder with this one.

Change your habits.

Once your email address has found its way into the spammer’s collections of people to annoy, it is virtually impossible to get yourself removed from these lists. In some cases the abuse of an email account (especially those who have been active for some years) may lead to abandoning the account altogether.

As we have to use an email account for practically everything we wish to do on line these days, we suggest using “burner/free” email accounts to register with on line services wherever possible. Use Google™ or Yahoo™ for example and have them forward mail to your real account. That way if your “burner” account starts attracting too much adverse mail, simply delete the account and set up a new one, leaving your genuine account spam free.

In the final part of the series we will be looking at ways we can be proactive in the war against SPAM and how we can help each other to rid the world of this scourge.

Until then, be vigilant, click safe!

Series Navigation<< SPAM – Part 2

Comments

  1. Lilyan February 28, 2019 at 12:14 pm

    Hi, Stewart,

    Although I personally have long time ago discovered how to handle these spams sent from pretending e-mail addresses (not sure about the moment when one day I will probably miss 🙂 ), your contribution is an excellent example of taking care of your customers.

    But why on the first place the e-mail transferring channels allow for a real e-mail address to be so easily masked: auto-confirm@nullamazon.com ?

    It was good to learn the trick of using the ‘burner’ e-mail account.

    Thanks and regards,
    Lilyan

    • OPQsysAdmin February 28, 2019 at 1:06 pm

      Hi Lilyan,

      Thanks for your comments and encouraging words. The final part of the SPAM series should be out next week. This part explains how we can be more proactive in tackling the issue.

      As for the fake “Reply-To” address. There really is no way
      of using this as a blocking mechanism. The “Reply-To” header should be considered as nothing more than a tag or marker rather than the legitimate sender. There are legitimate uses for the ‘Reply-To’ being different from the actual sender, think of mailing list servers for example.

      Kind regards,

Leave a Reply

Your email address will not be published.

Name *
Email *
Website