Why we get Junk Mail (SPAM) to our @byui.edu addresses
Is your inbox full of spam? Are you wondering where all those emails are coming from? This article explains how others get your email address and why they send so much junk.
If you have an email address, you've received spam. This is just a fact of life. Any time you open up your inbox, more than likely some of the messages you receive are going to be junk. The real question is-why is there so much of it? What do the spammers get out of sending all this junk email?
Before we answer that question, let's talk about how spammers get your email in the first place. Unfortunately, it's pretty easy. There are quite a few ways spammers can get their hands on your email address.
How do spammers get my address?
Spammers seem to have supernatural powers that enable them to guess email addresses accurately and quickly. But in reality, spammers harvest email addresses by pretty mundane means. You may even be contributing to the problem without realizing it. Here's the scoop on how spammers get email addresses, and steps you can take to protect your inbox.
First, there are large lists of published email addresses that are just floating around the internet. All spammers have to do is download them and start sending. Hacking into a major company's databases can yield millions of high-quality email addresses at once, not to mention even more valuable data such as credit card numbers, Social Security Numbers, etc. Not long ago, Chase Bank was hacked, and 76 million customer email addresses were exposed. It seems every month another massive data breach makes news, affecting millions of consumers.
Spammers also trade in lists of email addresses. A list of a million addresses goes for as little as $100. Some online crooks don't even mail spam, but make their living harvesting and trading email addresses. Your supposedly legitimate business associates (or any website where you hand out your email address) may be selling you out to spammers, though they may think of the spammers as "trusted partners."
There's not much you can do to prevent this, except hope that the companies you do business with have good security protocols in place.
- Opt out of allowing your email address to be shared with third parties for any reason, if possible.
Odds are, though, your email address will be found by the small programs that crawl websites and forums looking for email addresses. These tiny programs will just search for the pattern of some text, followed by the @ symbol and then a common extension like .com, .net, or .edu. If the pattern is recognized, the program will record it and move on.
To avoid being bitten by a spider, don't put your email address on the Web. That means not posting it to online forums or personal web pages. Scan the web with a Google search to see where your email address is available, and work towards becoming invisible. If you must make your email address visible in public, you can obscure your address by avoiding the "@" symbol, i.e., use "joe at byui dot edu" instead, or create an image with the address instead.
There are other ways for spammers to get your email that may not even require leaving it somewhere on the internet. If your computer is not adequately protected from viruses, spyware and phishing attacks, all of the people in your email address book are vulnerable to spam attacks as well. For example, if you or someone you know gets infected with certain malware, the virus will check the computer for your address book, record it, and then phone home any of that information. This could cause the amount of spam you receive to spike overnight! This type of leak isn't confined to just individuals either. Large companies sometimes get hacked and their email lists are then sold on the black market to be used as targets for spam.
And if you have an email password that's easily guessable, spammers may hack into the email account and steal all of the contacts stored there.
For password best practices check out this article.
Legitimate Share - Illegitimate Use
Sadly, any time you give your email address out to any website, person, or company, you're at risk for having it used for spam. Sometimes, websites and companies will even sell their users' email addresses directly to spammers, which is the worst! Once, I was at a conference where in order to enter a drawing, I had to give them a business card. Even though that conference was many years ago, I still receive tons of junk email from that.
It's a good idea to have a "throwaway" email address that you can enter into Web forms, rather than using your everyday address.
The last way that your email is compromised, comes down to sheer odds. Spammers will often try popular email combinations, using popular names and services, and just see what happens. For example, a spammer might try and send an email out to firstname.lastname@example.org. Odds are, this email is taken, and might still be in use. So if you have a popular name or an email address you may be susceptible to receiving spam.
That's why the first rule of dealing with spam is "don't reply to it." Doing so just tells the spammer that you are a "live one" and worth hitting with more spam.
Some people believe that email forwards play into the hands of spammers, because they accumulate a large number of addresses as the message spreads from one person to another. I'm not so sure this actually works, because there's no easy mechanism for the bloated messages to return to the spammer. But I will certainly agree that blindly forwarding every silly story doesn't contribute anything positive to the Internet. Cambodian midgets fighting lions? Nigerian prince wants your help transferring money? Really??
If you're tempted to forward something that seems dubious, check it out on Snopes.com before hitting the Send button.
Why do spammers spam?
This leads us back to why do spammers spam. It all comes down to numbers.
Say you're selling something online. If you send an email out to everyone you know, odds are a few people would buy it. Say you sold 1 widget for every 100 people you sent an email to. If your product was $10, you just made $10 for doing next to nothing.Now, 1 sale for every 100 emails is pretty good, but you're only sending emails to people you know. Let's suppose you could get 1 sale by sending 1,000 emails to strangers. The effort to send 1,000 emails is not much more than sending to 100-in fact sending 100,000 emails isn't even that hard. So, if you sent out 100,000 emails and only 1 person purchases a widget for every 1,000, you would stand to make $1,000 just for sending a single email! This is the same process scammers use when they pose as a Nigerian Prince and send out an email soliciting your help. If you comply, you will be rewarded with millions-but only if you send a $1,000 ransom first. The spammers don't think everyone will fall for the scam-not by a long shot-but if they get just one person to send money, it is well worth the effort, economically speaking.
Some of the recent hacks of major companies make this process even more dastardly. If you were one of the Anthem insurance customers whose information was stolen, you could be vulnerable to any number of scammers posing as Anthem looking for your financial information. In addition to possible scams, those leaked emails could also pose as possible leads for Anthem's competitors, for companies hoping to sell identity theft protection, or any other targeted service. This means even more spam and more sharing of your email address-all in the hopes that you'll buy something. Recently, there has been an even darker side to spam-distributing malware. Sometimes the goal of a spam email is not to sell you something, but rather to entice you to click a link to infect your computer with malware. The malware could then spread to the rest of your system and wreak havoc. It's even worse when the malware forces a victim's computer to send mass emails, making the infected person an unknown spewer of spam!
It's almost impossible to hide your email address from spammers completely. At the least, you'll probably get a blind dictionary attack spam, eventually. But think before you give your email address to any website. The fewer entities that have your email address, the less spam you will receive. Keeping your own computer secured, and encouraging your friends and family to do likewise will also help.
How do I avoid junk/spam?
Knowing where spam comes from and why is only half the battle. That's why today we're going to discuss the steps you can take to avoid spam cluttering your inbox.
Use Disposable Email Addresses
First and foremost, use a disposable email address for any temporary account, or for when you need to provide and email address for something you're likely to use only once. There are a ton of websites that will give you a free temporary email address, such as 10minutemail.com or mailinator.com. These websites don't require anything to sign up and they are completely free to use.
Unsubscribe from Newsletters and Alerts
The next step in clearing up your inbox and cutting down on spam is to unsubscribe from any news emails or alerts that may show up in your inbox on a regular basis. If you just search your inbox for the word "unsubscribe," you'll typically see a list of alerts and news-based emails that you may not want to receive anymore, or that just clutter your inbox up. I've completely unsubscribed from notifications from Facebook, Twitter, LinkedIn, and any other web sites. It keeps my inbox clutter-free and much easier to navigate.
Mark Spam as Spam
If you are interested in helping your fellow brothers and sisters, you should mark spam or junk mail as such. This helps us to improve our algorithms in detecting spam messages across the board for every user. For example, if a message gets marked as spam by 100 users, it may be flagged as spam for everyone else. This is a reason why you should never mark a newsletter as spam. If enough people do this, you could send legitimate newsletters that people rely on to junk mail. Not good.
Don't Give Your Email Address to Public Websites
Another super easy way to cut down on junk mail is to avoid giving your real email address to public websites such as Facebook, tech support forums, or anywhere else that is public. If you include your actual email address in a public web space, it will make you vulnerable to having your email address found by programs that crawl the internet looking for email addresses to spam.
Disable Images from Loading Automatically
Outlook automatically does this. It's possible to change that setting. But we don't recommend it. The reason why is pretty interesting. When a spammer includes an image in their email, they will make sure that the image loads from a website or domain that they own. By adding a little bit of code to the email, they can identify if you've opened their message simply by seeing if the image they included in the spam email has loaded. Once they see that you've seen the email, they know that your address is active, and they will begin to send you even more mail.