National KE-CIRT/CC Cybersecurity Best Practice Guide of the Week
WHAT IS SPAM?
This security tip explains what spam is and how you can reduce the amount of spam.
What is spam?
Spam is the electronic version of “junk mail.” The term spam refers to unsolicited, often unwanted, email messages. Spam does not necessarily contain viruses—valid messages from legitimate sources could fall into this category.
How can you reduce the amount of spam?
There are some steps you can take to significantly reduce the amount of spam you receive:
1. Don’t give your email address out arbitrarily
- Email addresses have become so common that a space for them is often included on any form that asks for your address. For example, companies often enter the addresses into a database so that they can keep track of their customers and the customers’ preferences. Sometimes these lists are sold to or shared with other companies, and suddenly you are receiving emails that you didn’t request.
2. Check privacy policies
3. Be aware of options selected by default
- When you sign up for some online accounts or services, there may be a section that provides you with the option to receive email about other products and services. Sometimes there are options selected by default, so if you do not deselect them, you could begin to receive email from those lists as well.
4. Use filters
- Many email programs offer filtering capabilities that allow you to block certain addresses or to only allow email from addresses on your contact list. Some ISPs offer spam “tagging” or filtering services, but legitimate messages misclassified as spam might be dropped before reaching your inbox. However, many ISPs that offer filtering services also provide options for tagging suspected spam messages so the end user can more easily identify them. This can be useful in conjunction with filtering capabilities provided by many email programs.
5. Report messages as spam
- Most email clients offer an option to report a message as spam or junk. If your email client has that option, take advantage of it. Reporting messages as spam or junk helps to train the mail filter so that the messages aren’t delivered to your inbox. However, check your junk or spam folders occasionally to look for legitimate messages that were incorrectly classified as spam.
6. Don’t follow links in spam messages
- Some spam relies on generators that try variations of email addresses at certain domains. If you click a link within an email message or reply to a certain address, you are just confirming that your email address is valid. Unwanted messages that offer an “unsubscribe” option are particularly tempting, but this is often just a method for collecting valid addresses that are then sent other spam.
7. Disable the automatic downloading of graphics in HTML mail
- Many spammers send HTML mail with a linked graphic file that is then used to track who opens the mail message – when your mail client downloads the graphic from their web server, they know you’ve opened the message. Disabling HTML mail entirely and viewing messages in plain text also prevents this problem.
8. Consider opening an additional email account
- Many domains offer free email accounts. If you frequently submit your email address (for online shopping, signing up for services, or including it on something like a comment card), you may want to have a secondary email account to protect your primary email account from any spam that could be generated. You could also use this secondary account when posting to public mailing lists, social networking sites, blogs, and web forums. If the account starts to fill up with spam, you can get rid of it and open a different one.
9. Use privacy settings on social networking sites
- Social networking sites typically allow you to choose who has access to see your email address. Consider hiding your email account or changing the settings so that only a small group of people that you trust are able to see your address. Also, when you use applications on these sites, you may be granting permission for them to access your personal information. Be cautious about which applications you choose to use.
10. Don’t spam other people
- Be a responsible and considerate user. Some people consider email forwards a type of spam, so be selective with the messages you redistribute. Don’t forward every message to everyone in your address book, and if someone asks that you not forward messages to them, respect their request.
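To illustrate tip 7, the following added example (not part of the original guide) lists the images in an HTML message that a mail client would fetch from a remote server if automatic downloading were enabled. The sample message, the `example.invalid` hosts, and the names `RemoteImageFinder` and `remote_images` are constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; example.invalid is a placeholder host.
SAMPLE = """\
From: offers@example.invalid
To: user@example.invalid
Subject: Weekly deals
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Weekly deals inside.
--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Weekly deals inside.</p>
<img src="cid:logo123" alt="logo">
<img src="https://img.example.invalid/open.gif?id=abc123" width="1" height="1">
<img src="//img.example.invalid/banner.png">
</body></html>
--b1--
"""

class RemoteImageFinder(HTMLParser):
    """Collects <img> sources that require a network fetch to display."""
    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        src = (dict(attrs).get("src") or "").strip()
        # cid: and data: images travel inside the message itself; only
        # http(s) and protocol-relative URLs contact the sender's server.
        if src.startswith("//") or urlparse(src).scheme in ("http", "https"):
            self.remote.append(src)

def remote_images(raw_message):
    """Return remote image URLs found in every text/html part of a message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    finder = RemoteImageFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.remote
```

The embedded `cid:` logo is not reported because it is delivered with the message; the two remote URLs are the ones that would tell the sender's web server the message was opened.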
Keep the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity