In 2014, a whole new method for spamming began to emerge – Snowshoe Spam.
It works like this:
Spammers use botnets to send a huge amount of spam at a low volume per IP address, which makes it harder to prevent.
According to Cisco, snowshoe senders increased from 7% in 2013 to 15% in 2014.
Of course, anti-spam technology and security companies who learn everything they can about how to prevent spam started improving their defenses against snowshoe – which encouraged spammers to update and improve their techniques…
In 2016, the Cisco Talos and Umbrella research teams identified an evolved version of snowshoe known as “hailstorm.”
Hailstorm still relies on a large army of botnets that send a low volume of spam per IP address, but the attack is executed swiftly and fiercely – so fast, in fact, hailstorm spam attacks usually end before top-of-the-line anti-spam security systems can respond.
Eventually, anti-spam technologies will improve enough to stop hailstorm…
And then the next evolution of spam will be born.
There’s no doubt that hackers worldwide are programming and testing new forms of spam right now.
While it’s true that spam will probably be around for as long as email exists, you can do a lot to minimize the impact of spam on your inbox – making it negligible and ineffective.
We’ll go over how to prevent spam from becoming dangerous, and how to identify spam when it arrives in your email.
But first, let’s define spam.
What Is Spam?
Spam is, in its most basic form, unsolicited bulk email – an onslaught of annoying emails from random senders
It’s called spam because of a well-known Monty Python sketch in which the food spam is featured in every dish on the menu in the sketch – making it ever-present and unstoppable.
Spam, in our inbox, is seemingly ubiquitous and unavoidable.
Spam email may legitimately try to sell you something like flashlights or supplements.
However, spam can easily expose you to a whole host of IT security threats such as business email compromise whereby the spammers attempt to steal your identity, credit card info, social security number, etc.
What’s the first step in preventing spam?
Learning how to spot it once it hits your inbox.
How to Identify Common Types of Spam
While Snowshoe and Hailstorm are techniques for sending spam effectively, they don’t tell us exactly what emails will be sent your way.
Most spam can be identified in obvious ways, and you should be able to separate spam from regular email if you want to avoid being scammed.
Here are 4 things you can do to make sure the emails you’re receiving aren’t spam:
Check the Sender
Almost every spam email you’re likely to receive will be sent from an unknown or odd email address.
Not ALL emails from unfamiliar senders are spam – you may have legitimately signed up for a newsletter but don’t recognize the sender’s address – however, it’s definitely a red flag.
For example, one common trick of email spammers is the “failed delivery” message.
The spammers will pretend to be your email client, like Gmail, and send you a “failed delivery” email claiming that you had recently sent an email message to someone that couldn’t be delivered because you entered the wrong email address.
The spammers will usually attach a malicious link in their email to you, and if you open it, you’ll unintentionally install malware or a virus.
If you get a message like this from your email client, be sure to check the details and make sure you actually had recently sent an email.
Check the Grammar
Spammers might be smart enough to program high-powered botnets, but they’re usually terrible writers.
Be aware of any email with unintelligible word salad.
Multiple misspellings, odd words or letters capitalized, clunky sentences, and incorrect punctuation are major red flags.
Check the Purpose of the Email
Free money, electronics, or vacations are almost always a scam.
Anything 100% free from a random organization or contest that you never entered and never heard of is probably fake.
Also, if an email asks for your password, it’s fake – all legitimate websites have password reset programs that are automated.
Be Wary of Headlines Full of Hype
Headlines like “Get 20,000 Facebook Likes in 2 Hours…for FREE!” are obviously a scam and a waste of your time.
Usually, these spammers are trying to peddle some cheap affiliate program. While the program may be legitimate, it probably won’t deliver on its claims, and the site you visit or the software you download could be infected with malware or viruses.
How to Prevent Spam
Alright, so you know what spam is and what it looks like.
Now you just need to learn how to prevent spam from bombarding your inbox.
Here are 7 tips to help you remove your email from a spammer’s list and stop or mitigate the spam you’re already receiving.
Don’t Accept Third-Party Emails
You may have noticed tiny checkboxes below an email form when you sign up for newsletters or free downloads.
Those checkboxes might say “I agree to the terms of service” or “yes, I understand I’ll receive emails from ACME company.”
These are legitimate.
Sometimes, those checkboxes will say “Yes, I agree to receive promotional emails from third parties” or something to that effect.
These types of checkboxes are probably already checked for you.
Uncheck them if you don’t want to receive spam.
Use Disposable Emails
There are plenty of sites offering something free in exchange for your email. If you just want the freebie without signing up for someone’s mailing list, then use a disposable email address.
This is especially useful if the website looks spammy, or if you just need to access the content once, and never revisit the site.
Guerilla Trends created a long, up-to-date list of the best websites you can use to generate disposable emails whenever you need them.
Flag Spam in Your Email Account
Get in the habit of training your email client to identify and sort out spam entering your inbox.
Instead of deleting spam emails yourself, select them and click the button “Report spam” (the button usually has a big exclamation point).
Many email clients automatically look for spam in your email, and sometimes it flags an email as spam that isn’t spam.
Once a month, pop into your spam folder and look for any emails that are legitimate and flag them as “not spam.”
As you go through this process, your email client should progressively become better trained regarding actual spam and regular emails.
Never Interact With a Spam Email
As you try to detect spam, you may be tempted to investigate the email more than you should.
If you can tell it’s spam without opening it, then never open it and just flag it and put it in your spam folder.
If you open an email and you realize it’s spam, close the email immediately and flag it.
NEVER click a button, follow a link, or download a file if you even slightly suspect the email is spam.
If an email was sent by a legitimate person, like a friend or coworker, but it obviously looks like spam and isn’t written in their usual style, then contact that person and let them know their email has been hacked.
Hide Your Email Address
If you can, hide your email address online.
If you’re a public figure that needs to openly publish their email, then use a unique email for just that purpose. Use a different, hidden email for everything else.
Use a disposable email address for everything that’s not important.
Change Your Email Address
If your email has been hacked, or you’re receiving an overwhelming amount of spam, and your email client can’t resolve the problem – change your email address.
How to Prevent Spam Company-Wide
Learning how to prevent spam from invading your personal email inbox is the first step in protecting your data.
The next step is making sure every employees’ email inbox is protected company-wide.
Sharing this article with your team and making sure everyone implements a dedicated anti-spam plan is a great start.
But if you want to remove the guesswork in spam prevention, and commit to keeping your business safe from dangerous emails, then you should work with an IT company who will implement a complete email security solution.
State-Of-The-Art Spam Prevention and Email Security
We use industry-leading email security engines that are currently protecting over 1 billion mailboxes globally. From multi-layered protection against malware to tier 1 antivirus software, we protect your company from targeted attacks and user-error. Our tailored and flexible security programs will work with the size and scope of your business to deliver exactly what you need, at the price that fits your budget.
Contact us for your free consultation today to learn more!