Helping Your Users Understand Spam

Spam can be extremely tricky to stop.

IT professionals work constantly to prevent spam from reaching email inboxes however spammers quickly adjust their tactics to circumvent all but the most serious spam fighting tools.

The people in charge of your IT resources have a hard enough time fighting spam on the front lines; however the fight gets even tougher when they have to confront spam behind the scenes when they are tasked with educating their users on spam.

While most training focuses on how to identify spam, what to do when you receive spam or how to block it from showing up in your inbox, not much training addresses what spam is and what spam isn’t.

This list will help you understand both common misconceptions and current trends surrounding spam.


Just like viruses caused people to fear using their computers back in the nineties, spam generates a similar amount of hysteria in today’s users.

For users to be comfortable when it comes to dealing with spam, they first need to clear up any misconceptions that they may have…

Most spam is porn

There was a time where spam was used to lure new customers into buying online porn subscriptions it hasn’t been a common theme for junk email in quite some time. In fact the Microsoft Developer Network Cyber Security Blog shows that according to their tracking, pornography made up only four percent of all spam messages in 2011 and 2010. In 2009 this type of spam accounted for 5 percent of all spam.

Opening spam will infect my computer with malware

When people started getting smarter about spam, cybercriminals saw their income start to wane. So like any other business they shifted to something more profitable and started delivering malware and malicious links instead of advertisements for Viagra.

So while it is true that many spam messages contain malware, simply opening the email will not infect your computer. If a user clicks on a link or downloads an attached file then they will likely suffer from a malware infection.

Nobody falls for spam

If this were the case, we wouldn’t have a blog dedicated to fighting spam. In fact, there would be no need for any type of anti-spam software or appliances.

The sad fact is that people fall for the scams sent via email every day. In fact, The Atlantic recently featured a story about how a 65 year old man and his 30 year old daughter were kidnapped and held captive by a gang in Nigeria after travelling there to claim millions of dollars promised to them. Instead of unbelievable riches, the pair had to be rescued.


Once your users are more comfortable with spam and they know that when they encounter it they should simply report it, you can move on to educating them about some of the more common trends in the world of spam.

Just like you would tell a traveler in your city what parts of town they should avoid, you should make your users aware of what to be on the lookout for when it comes to spam.

  • 68 out of 100 emails are spam
  • 1 out of 298 emails are phishing attempts
  • Sex and dating emails are the most common categories of spam at 43 percent
  • Pharmaceuticals are the second most popular category of spam at 30.5 percent
  • Spammers are starting to personalize their email messages to victims
  • Spammers are using the upcoming Summer Olympics to spread malicious links via spam
  • Pay-per click fraud is rapidly becoming a big money making scam that relies on spam to infect victims computers
  • Despite a rise in SMS spam and social media spam, the levels of email spam have once again begun to rise

Educating users as to what spammers do and how they work can help round out any awareness program that your organization puts in place. This, complimented with a reputable anti-spam solution, should help keep the level of spam in your mailboxes down to a minimum.

Spam will not stop as long as people continue to make money from it. But you can keep it to a manageable level within your organization so that your co-workers and get their jobs done efficiently, effectively and safely.

Written by Jeff


  1. Jessica Craig · July 17, 2012

    As for opening spam, I think it won’t hurt, though it is an overkill for sure, if users continue not to open spam messages. It is true that opening the message itself usually is safe, I’d better be safe than sorry and would go on with keeping the email unopened. Or in case of doubt, contact your sysadmin.

  2. Fred · July 17, 2012

    I setup Thunderbird to only download headers from the server and have trained my users to only download the rest of the messages from people they know or legit new customers.
    Not fool-proof by any means but reduces the server load on the obvious crap.

  3. Jack Mayner · July 28, 2012

    @Fred, sad to say that Mozilla is halting the development of Thunderbird for one reason o.r another. But yes, I agree, better to not just open an email if it certainly looks be spam.

    But sometimes if a friend’s email account is being compromised and is being used to send malicious emails, you still end up opening it anyway. Don’t fret, there is yet to be a technology that will allow the distribution of malware by just opening the email. Further action is needed for the malware to wreck its havoc. User orientation is still necessary and should often be repeated as people do tend to forget.

Leave A Reply