SPAM – Part 3

SPAM – Part 3

Continuing with this series, we are going to look at:

• How can we spot SPAM and tell the difference from legitimate email
• Adjust our emailing habits to protect our email identities

Spotting SPAM

Things have progressed significantly since those early days in 1990. Email remains the killer messaging app in terms of sheer volume of users and data. WhatsApp, Facebook Messenger, and all the others combined don’t even come close. Global estimates place the number of email users between 3.5 and 4 billion, with approximately 250 billion messages sent per day. It’s easy to see why a spammer would be attracted to this marketing tactic.

Before we discuss how to identify SPAM, let’s consider the spammer’s goal: to get you to click on a link, any link in the email. The moment you click, you verify that your email address is legitimate to the spammer, i.e., there is a real person behind your email address. Instead of reacting to the email, please send it to your Junk filter.

Different types of SPAM are easier to spot than others. Traditionally, spam emails are little more than advertisements for alternative health products, penny stocks, and financial services, among other things. These are easy to spot. More insidious is the ‘phishing’ type of SPAM email. Have a look at the image below: Is it genuine?

The astute among you will notice that the Amazon logo is not displayed. This is because I have set my email application to not automatically load external links, graphics, etc., as a precaution.

It appears genuine on the surface, except that I have not made a purchase from Amazon. So, how can we tell? In the image above, all the words in blue are links to external websites or servers. So we might assume that those links point to Amazon’s servers. In your email client, being careful not to click, hover your mouse over those links to reveal the true destination, e.g.

Here we see that hovering the mouse over the “Order Details” reveals this link will take us to mileageindia.com, not amazon.com, as we would expect. Oh dear.

Let’s take a closer look at the origins of this email. Behind every fancy or straightforward-looking email are what are called the email headers. These headers tell the whole story— and reveal the truths —of the journey of every email.

Refer to this link for instructions on revealing email headers in various email applications.

There’s a lot of gobbledygook here, so let’s examine the first line. Although the email reply address says “auto-confirm @ amazon.com,” the email headers reveal the truth: that if you replied to this email, it would actually go to “f.marmol- @ -trendnet.com.” Red flag number one. This email is not from whom it pretends to be—looking at the “Received From:” header lines, we can see that this email was sent via a mail server with the domain name “reflexion.net,” which does not handle email for amazon.com. So.. off to the Junk folder with this one.

Change your habits

Once your email address has found its way into the spammer’s collections of people to annoy, it is virtually impossible to get yourself removed from these lists. In some cases, the abuse of an email account (especially one that has been active for several years) may lead to abandoning the account altogether.

As we often need to use an email account for practically everything we wish to do online these days, we suggest using “burner/free” email accounts to register with online services wherever possible. Use Google™ or Yahoo™, for example, and have them forward mail to your real account. That way, if your “burner” account starts attracting too much adverse mail, simply delete the account and set up a new one, leaving your genuine account spam-free.

In the final part of the series, we will explore ways to be proactive in the war against spam and how we can collaborate to rid the world of this scourge.

Until then, be vigilant and click safely!

Series Navigation

<< SPAM – Part 2SPAM – Part 4 >>