10 Ways to Protect Against Email Spam

email spamDo you remember how useful email was without spam? I do and I know the best way to avoid spam is not getting on spammers’ lists in the first place.  In this post you will find out how to use disposable addresses, obfuscation and other techniques to protect against the expected tsnami of spam headed for your email box in 2011.

Trend Micro reported 2010 was an active year both for spammers and anti-spammers.  Some of the most common spamming techniques in 2010 were:

  • Embedded images in messages were actually downloaded from URLs. Salad words were added at the end of the main mail body.
  • Messages were made to resemble legitimate email messages from well-known sites such as Amazon but the link actually led to Canadian pharmacy sites.
  • The messages’ body contained salad words while .ZIP file attachments contains an image that linked to a site where the actual content was located.
  • Spammed messages with only one URL in the message body and very few or no other words.
  • Using HTML tricks to make large numbers of salad words at the bottom of the email message invisible.

Here are a few threats Trend Micro predict will hit the big time—and not in a good way—in 2011:

  • Social media attacks. When the gossip website Gawker’s commenting system was hacked, over a million commenters’ email addresses were released—many of them with their accompanying password as well
  • Mobile hacks. The increasing popularity of third-party apps for mobile phones makes it that much easier for scammers to find their way onto a platform that already has a big red bull’s eye on it.
  • The return of spam. Spam levels dropped late last year after the arrest of a suspected major spammer, but it probably won’t take long for them to creep up again. The spam we see in 2011 and beyond will likely come from botnets—massive groups of computers commandeered to send spam, unbeknownst to their owners—rather than from a single spam source. And the new spam may capitalize on URL-shortening services in order to disguise the general shadiness of their links.  — To learn more  Trend Micro 2011 Threat Predictions (PDF).

10 Ways to Protect Against Email Spam

  1. Be selective and protective and never sign up for an email address which is the same as your first name or last name – insert letters and numbers. But don’t choose numbers that reflect personally identiying information such as DOB, Social Security number, street address, telephone number, etc.
  2. Keep a private email address which you share only with close friends and family anf never use it on any site.
  3. To beat spammers, use a long email address consisting of more than one word and, preferably, word segments as well as numbers and an underscore.
  4. Create  temporary disposable email accounts from among these providers and shield your real email address from prying eyes.  Disposable Email Mailboxes: Beat Spam with a Temporary Email Address
  5. Don’t post your email address in “plain” clickable form anywhere on the Web. — Eluding Email Address Spam Bots
  6. Use a contact form and/or a guestbook on your website or blog instead of providing a contact email address.
  7. Don’t become a member of or use sites that demand access to your email contact list.
  8. Never ever use the email indicators that say “I’m on vacation” or similar settings. Configure email  auto-reply to reply ONLY to those email  recipients that you place in your contact list.  Because if you configure your email program to auto-reply to all incoming email, including spam messages will also receive a reply.
  9. For worms to spread, social engineering is important, and a crucial point is that the malicious code appears to come from a friendly or even trusted source. –Ignore Delivery Failures of Messages You Did Not Send
  10. Some spammers add unsubscribe links to their email messages. Never ever use those links. If you do the spammer knows that the email address is valid.  And, do not reply to spam emails, as doing that it tells the spammer that your email is valid and active. Once you validate your email address the spammer will more than likely sell your email to other spammers, hackers and or unethical 3rd party marketers.

12 thoughts on “10 Ways to Protect Against Email Spam

  1. Re #2… I got some of my worst spam when I found a distant relative via my family tree… and the so and so put my name on a junk mail list. Eventually I blocked him. Recently I had to shift another family member to a more obscure email address I use, as I couldn’t tolerate all the rubbish he was sending me all the time. So that solution isn’t always quite as ‘safe’ as it might seem…

    I always block images as a matter of course and I mouse-over any email sender’s name if it looks familiar but I’m not expecting anything from that person, and that’s saved me from getting hacked a couple of times when a couple of friends’ email address books had been hacked.

    But they’re all getting cleverer now, aren’t they? Or is that just my imagination.

    Good to see you back online, TT.
    :)

    • Hi Val,
      When I read this comment I shook my head. I have been there too. Yes, all email spammers are becoming more and more creative. Some wordpress.com bloggers don’t seem to comprehend what it states on our comments boxes. When submitting comments we are authorising that email address for use only for that comment submission purpose and it cannot be used for any other purpose. It’s illegal to use those email addresses for any other use in Canada.

  2. Glad to see this post, especially after my boss’ e-mail was hacked into and others on his contact list were victimized out of hundreds of dollars answering a phony distress e-mail before he could secure his e-mail again. The scams are getting more creative every year. It’s really scary out there.

    I have really pondered the use of guestbooks and the usual comment formats as I have known them to be limiting. On the one hand I don’t want to allow my blog to be used for publication of acrimonious comments attacking other parties (which seems to be more often the case than not these days). On the other hand, the really thoughtful ideas even deserve the status of a regular article with a different perspective.

    So for now, I am trying an approach to route these contributors to a dedicated e-mail for the blog only separate from my personal and professional e-mail accounts. I hope that would facilitate collaboration and assure fairness. After all, if I have the right to edit comments as a moderator, a contributor should have the right to review and respond to edits.

    I am, however, considering your ideas if this doesn’t work. Hugz, old friend.

  3. A good reminder to start the New Year with. I usually keep one email address separate from all others that I use just to subscribe to lists, sites, etc. That way, if it gets passed along or compromised, then it’s an email address that I can easily dispose of. I just have to be sure to be consistent with that practice!

    • I have a private email address for close friends and family. I have separate email addresses for each of my blogs. And I have disposable email addresses for sign-ups. Anything suspicious never gets opened. Thanks for commenting. :)

  4. Very, very good advice! But what to do if my email address of many years is my name, a long-standing violation of #1 for 10 Ways to Protect against Email Spam? It is so disrupting to change an email address.

    This reading caused me some musings for a few moments. Salad words? As a foodie, this was a new term to me. A quick visit to Wiki gave me the definition. And I had always wondered about the strange, confused wording of many spam messages, conveniently sorted out by WordPress’s Akismet. The writers weren’t drunk after all. Just unethical idiots.

    Kathleen

    • Hi Kathleen,
      Thanks for your patience. The computer reconstuction work is not yet done but I’m plugging along at it.

      Yes, cyberspace is full of unethical idiots spamming the crap out of us because they make money by doing so. Their success is proof postive that stupidity previals in a large enough percentage of the population to keep email spammers in business.

  5. Good Morning timethief. This is such a useful post – my Dad insists on sending me strange spam email and asking me if it is ‘real’. I tell him no it’s not, don’t forward it to me, just delete it, similarly if you get a really odd email from a friend/close family, just call them up and ask if it is them, don’t send it on or back. I get zero email spam these days. I think my isp is pretty ferocious and I use a small shareware programme as well which takes some out. Occasionally it holds a real one. I order meat from a small supplier and his email address had the words ‘wild meat’ in it. The ISP thought those words unacceptable. But I trained the email settings to ignore that address. Small price to pay for not having yards of spam email. [edited at request of author] I also wish that people wouldn’t send group emails and put all the addresses in the cc column. If one of those has been hijacked/compromised then presumably the spammers have a nice tidy stack of real email addresses given to them on a plate. All the best, Joanna

    • Thanks so much for your patience. You have been waiting for me to reply to you and I feel guilty. I’ve been going crazy working in the background. We had a snow storm and 2 days without power. :(

      You would be surprised to find out how cavalier many people are about email. if people did not click the links in spam email the practice would come to a halt. But it’s effective – very effective. Email spam is big business.

      • Please don’t worry! I know you answer when you are able :) It’s the nature of blogging comments. A long time ago I read a story by UK LeGuin in which they crack the problem of sharing information over light year distances in space, the idea the character said, was that everyone just keeps talking away and all the useful information would get there and back much quicker, whereas if you waited for any one answer to come back to a specific question, the exchange of information would take forever. Does that make sense? I really liked that concept. So just keep posting and researching, it’s all wonderful stuff much appreciated by me! Snow storms and power outages yikes! – as long as you are warm and dry and have food – I hope you are safe and well :)

Comments are closed.