Welcome to the fourth post in our Let’s Talk About Spam series. Today, let’s go over how to identify spam. Technical folks can smell it from a mile away, and can usually spot a spam message by its subject line, but how do they do that? Identifying spam is not too difficult, once you know what to look for. Spam, phishing messages, and malware all have some common attributes that you can easily spot when you know what to look for.
Your email is, at the end of the day, yours. When you think about all the email that is in your inbox each morning, give a quick glance at all the messages that are in there. Look at the column that lists who the email message is from. Odds are, if you don’t recognize the sender, it’s spam. That’s not a 100% effective test, since you may not remember everyone by name, or you might be getting email from a company representative, but this should be the first thing you consider. If you don’t know who is sending you the email, that should be strike one.
Be careful though. Just because you do know the sender, doesn’t mean the message is guaranteed to be safe. Many spammers will try to fool you into opening their messages by using names you would know, and some malware will read an infected computer’s address book to send copies of itself to others, hoping that the recipients will open the message since it comes from someone they know. Don’t always trust everything from someone you know any more than you should automatically delete everything you get just because you don’t know the sender. But if you don’t recognize the sender, be suspicious.
Unless you speak a foreign language, senders with foreign characters in their name are very likely to be spam. Sender addresses with numbers in them are another red flag. Even companies you have heard of, if you didn’t sign up for their mailings, are probably another red flag. Reputable companies will only send you email if you sign up for it. It’s called “opting in.” But disreputable companies and spammers will use other companies’ names to try to trick you into opening their messages.
Sometimes companies will send email and the “from” address will be their name, but I have never seen a legitimate email where the “from” sounds like a subject line. If they do, odds are good the mail isn’t.
Here’s a test. Look at the following and see if you can spot the spam:
Yes, every single one of them is spam. eHarmony and the University of Phoenix are both reputable companies, but I have never signed up for either of them.
Read the subject line before you open the message. Odds are good that you will be able to spot the spam immediately just by looking at the subject line. Usually the product being shilled is listed, or the subject line has strange spelling or grammar. If you see numbers or strange characters where vowels or consonants should be, it’s another sure sign that the message is bogus. And anything that says something like “open the attachment to read an important message” is a huge red flag that should be deleted immediately. That’s a very common way to fool you into opening an infected attachment.
Spelling misteakes and bad grammer (see what I did there?!)
If you see poor spelling, strange grammar, or unusual phrases in an email, once again, it’s a sign that the message is not legitimate. If you do communicate regularly with people using a language that is not their first, don’t beat up on them for the occasional error, and be tolerant of kids (and others) who use shorthand spellings, abbreviations, and slang, but no legitimate business is likely to send you an email full of spelling and grammar mistakes.
Requests for personal information
No legitimate business anywhere in the world will ever ask you for confidential information in an email. Anytime you receive a message that asks you to reply with any kind of sensitive or personally identifiable information, like your physical address, your account number, or your password, hit delete immediately.
In our next post we’ll look at some of the worst offenders to help you feel more confident about identifying spam.