If you have an email address, then you’re familiar with spam. While spam frequently feels more annoying than dangerous, it’s best to treat all spam with caution. While you may have an email filter, spam is becoming more inventive at bypassing filters. Additionally, many spam emails are linked to phishing attempts, which means they’re trying to gain sensitive information about you.
There are several types of email phishing and spoofing, and we’ll highlight the differences between these types of spam, including how you can identify spam and protect yourself.
What is Email Phishing?
There are several different types of phishing tactics used to lure people into divulging their personal information.
One common method scammers use is to include a link and request that you update your information on file or for a payment to go through. The links will often look legitimate, but they’re designed to send your information to the hacker instead.
Fake Email Attachments
Hackers will often also use fake email attachments to bypass strict email filters. These attachments will contain phishing links to fake websites, although some may contain ransomware.
Ransomware is a type of software that accesses your computer and takes away your ability to access anything until you pay the hacker money. The ransomware will lie dormant when hidden in an attachment until you open the attachment. Once you open it, it will automatically begin downloading to your computer.
Spearphishing is not only dangerous but hard to detect. The hacker gathers information about the recipient and creates a specific message tailored to them, even going as far as to pretend they’re a friend, relative or coworker.
What is Email Spoofing?
Email spoofing is when hackers disguise malicious emails and make you think they’re from legitimate sources. Here are three popular ways that hackers will spoof and email.
- Forging the From email address to appear as a legitimate sender.
- Creating an email address that is nearly identical to a legitimate address.
- Forging the display name, but the From address doesn’t correspond to the email address.
While on the surface, spoofing doesn’t seem harmful, if hackers trick you into sharing personal information, it can become a problem, especially if you aren’t cautious and looking out for these types of emails.
Identifying Spam Emails
Here are some ways to be more alert and cautious about spam emails in your inbox.
- Spam emails often contain typos or strange phrasing.
- Check for unfamiliar or unknown links. Never click any links, especially in unsolicited emails. For example, if you receive an email from your bank to confirm your information, call your bank or open a separate internet browser window and manually enter your bank website and login information (do not trust a link in an email).
- Check for the context of the email if it doesn’t seem right. If you receive an email from your boss saying they’re sharing an attachment, maybe contact them using an alternate method (phone or text) and ask them if the email is from them. NEVER reply to any concerning emails!
- Be concerned and cautious about any emails asking for personal information. A legitimate government organization, such as the IRS or a business, will never ask for social security numbers, credit card numbers or passwords over email.
- Always check to confirm that the Reply-To and From emails match. If they don’t, be cautious.
- If something sounds too good to be true, it probably is. Frequently, spam emails will lure people with money that is owed, winnings or contests. You can often google the sender's name and see if it’s an email scam online too.
Protect Yourself Against Spam Emails
The best way to protect yourself against email spam is to institute a spam filter and be cautious of anything that doesn’t seem right. Unfortunately, hackers are constantly finding new ways to get around these filters. Additionally, staying up-to-date on the latest email trends can also help you know the latest types of scams. Here are some other ways you can protect yourself against spam.