In part one of the Think Twice series, we discussed in detail about spam and its types. We will continue its second part with the story of James. James is a shopaholic. Whenever James receives an email with a discount code or a deal, he clicks the links to take advantage of that offer without any second thoughts. He doesn't hesitate to drop his email address in the comment boxes of his favourite brand or influencer's social media page, in the hopes of winning a giveaway contest. He happily explores emails from unknown senders. After one of the offer codes he was waiting for ended up in the spam folder of his mailbox, he disabled all spam filters in his email settings so that he won't miss any future sale.
One time, James received an email with a coupon for his favourite phone attached as a PDF file. Despite the warnings from his email service provider that the attachment could be malicious, he downloaded the coupon. And that coupon ended up being a macro virus. The virus disabled his computer, stole all the information he had including sensitive financial data. Now, James has to handle his loss of information, security, and privacy, along with his disabled device.
James is just one among many affected by spam's spoof and phishing attacks but there are many things you can do differently to prevent yourself from becoming a victim like James. In this blog, let's look at a few tips to help avoid email spam.
Never give out your email address in a public forum
No matter how tempting an offer is, it's best to avoid giving out your email address in any public forum. You may think sharing it on the page or profile of a trusted brand is safe, but many spammers use crawlers to scan random pages and extract email addresses for their database. Due to this, you will likely get spam emails and your email address could even serve as a front for future spoof attacks on others by spammers. So, it's best to share your email address with the utmost caution.
Do not interact with spam emails
Most of the time, spammers get email addresses by randomly generating them—brute force method. They have no way of knowing the validity of an email address unless the recipient interacts with the email (which includes replying to an email, downloading embedded files or images, and clicking on the attached links). One common deceptive technique used by spammers to trick the recipient into interacting is by providing an "Unsubscribe" link. While authentic marketers do use this option appropriately, spammers use it as a tool to confirm the deliverability of your email address. This results in you getting "subscribed" to the spammer's database instead of unsubscribing. Thus, it's safest to leave a spam email alone and not interact with it at all except while marking it as spam. The next time you go out on vacation, auto-respond only to your contacts.
Know how email works
Understanding how email works and knowing common features—such as Preview sender, Envelope sender, SPF, DKIM, and DMARC—creates cognizance for you to be alert. By checking the header of any email you receive, you can track its trail and spot if an email is spoofed or authentic.
Avoid using public Wi-Fi
While public/free Wi-Fi networks seem like an optimal way to access internet, it can also be a bait. One of the most common threats on these networks is a Man-in-the-Middle (MitM) attack, which is a form of eavesdropping. Using this, a spammer can extract your email address, contact list, and other sensitive information, leaving your data compromised. To avoid this kind of business email compromise, it's better to only use mobile internet and trusted Wi-Fi connections.
Report spam emails
It is always good to report any spam email you receive to your email service provider (ESP). Reporting spam or marking an email as spam helps your ESP track the spammer's IP address and block any further email from them. This will prevent illegitimate emails from reaching your inbox.
Following these tips can help you prevent spam and cyber attacks. However, it is equally important to be able to protect you if in case a spammer breaks your firewall. Some of the precautionary measures include not storing passwords on your hard drive and rather go with options like Zoho Vault, changing your passwords periodically, not using the same keyword or phrases in all your passwords, using a good antivirus program, and keeping your OS updated.
While consciously protecting yourself from spam is crucial, we at Zoho Mail also go the extra mile to provide you with the industry-standard spam filters and preventive techniques. We'll discuss how Zoho Mail protects you in the next blog. Until then, stay informed and stay safe.