Email, Spam and Phishing

  • By David Maloney
  • 09 Dec, 2016
We can offer many types of email solutions to fit the particular needs of your company. These range from using one or several email addresses from your ISP (Internet Service Provider), to hosting your email for you, to recommending another company to host your email, to setting you up with your own email server.

We can also provide email filtering for whatever kind of email you are using.

Spam and Phishing emails could use some explanation and clarification as to what they are, how they are damaging, and how to avoid the harm they can cause.

SPAM:

One of the defining characteristics of spam emails is that if you reply to an email, asking to be removed from the email list, you will not only not be removed, the spammers will in fact redouble their efforts, because you will have just confirmed to them that there is a live person at that email address.

For that reason, you should never reply to a spam email. Also, you should never, ever, under any circumstances, purchase anything from a spammer. As incredible as it may sound, some tiny fraction of a percent of spam recipients actually purchase things from the spammers. This is enough to keep the spammers in business. If nobody were to buy anything from spammers ever again, they would stop spamming.

It is important to distinguish true spam from emails which are unwanted, or annoying, but which come from legitimate businesses. For example, if you are receiving unwanted emails from a reputable company like Target, or 1-800-Flowers, simply click on their unsubscribe link, and they will stop sending you emails. Because reputable companies such as those will in fact stop sending you emails when you request it, emails from those companies  are not spam .

Once your email address gets onto the lists of email addresses that the spammers use, you will receive increasing amounts of spam until the end of time. For that reason, be careful with any new email addresses you may have. In fact, you may want to create one or two extra email accounts from one of the free web-based email companies like GoogleHotmail , or  Yahoo  to use in situations where you suspect that your email address may get onto a spam list - for example, entering contests, or making an online purchase from a shady vendor.

Spam emails are damaging in the time that they waste. If you have no spam filtering whatsoever, and each of your 20 employees gets an average of 20 spams per day, even if it takes only 10 seconds per spam to determine that they are spam, and to delete them, that adds up to 3.3 minutes per person wasted every day, or roughly 14 hours per year. If each employee is paid an average of $20 per hour, that comes out to $5600 you are paying each year for your 20 employees to do nothing but delete spam emails. If your employees make more, or if you have more than 20 employees, or if they get more than 20 spams per day, then obviously the amount of money wasted is correspondingly greater.

Phishing Emails:
Phishing emails are considerably more devious than simple spam. Rather than trying to get you to buy something, phishing emails try to convince you that they are from someone you trust (your bank, your mortgage company, PayPal, EBay, etc) and they try to get you to click on a link in the email, which takes you to their website (though it will probably be mocked-up to look like the website of whatever company it supposedly is) and give them your personal and/or financial information.

Phishing emails can be extremely difficult to detect, but here are some tips:

  • Look for spelling mistakes, or grammatical errors. Often phishing emails are written by people who are not native English speakers, so their syntax can sound quite strange and awkward.
  • If there is a link in the email, move your mouse cursor over it without clicking on it. The actual URL link address will show up in the status bar of your email program. If the actual URL of the link is different from the link text, that is a dead giveaway. For example if the link says  security.yourbank.com  the actual URL might say something like  http://security.yourbank.com.russianmobsters.ru
  • Best of all, if there is a link in the email, don't click it at all. Instead, open your web browser and either copy the link from the email into the address bar of your browser, or better yet, type in the address yourself of the website of the institution the email purports to come from.
  • Sometimes a phishing email will have a phone number in it, and ask you to call them to clear up some problem with an account. Don't call that number. Instead, go to the website and find the number, or (if it is a credit card account) call the number on the back of your credit card.

Take a test:
Follow this link to take a test by SonicWALL, a firewall and Internet security company. It shows you examples of emails, and asks you to determine if they are phishing emails, or legitimate. At the end, it will tell you if you got any wrong, and explain how you could have determined the correct status of the emails.

SonicWALL Phishing and Spam IQ Quiz

OpenDNS has a similar test that may be even more helpful in helping you learn to spot fake, phishing websites

OpenDNS Phishing Website Quiz

Share by: