Spam is the dreaded thing that clutters our inboxes every day, and can be a real pain. But once you understand where it comes from, with a few simple tips, you can find out how to avoid it altogether.
Spam:The word we’ve all heard of that makes us cringe. It’s what’s brought you emails claiming to give you one hundred million dollars if you agree to pay a transaction fee of one thousand dollars, encouraging you to visit dangerous websites, and even download spyware or viruses. That’s not including some of the slightly more…disgusting emails many of us also receive in forms of spam.
That’s why spamfilters were invented. But they still can’t block everything, or closle to it. In reality, however, spam can be avoided incredibly easily. No, I’m not going to encourage you to download software, or visit a website. I’m just going to share with you the secret to avoiding those pests.
But to understand how to avoid spam, we must understand where it comes from, and why it’s sent.
Spam is usually sent so that the sender can make money. Whether it’s an email covered in ads, asking you to send it to ten friends, or an email attempting to trick you into getting your great great grandfather’s inheritance for a one time fee of three thousand dollars, spam emails have the same common goal of receiving money. But the question is: Who sends this?
Or perhaps more imporantly:How did they find your email address?
As you may know, once a spammer has gotten a hold of your email address, they can sell it to hundreds of marketers, scammers, and other spammers; who send you ads and misleading links similarly to the ones described above. Again, it’s all about money.
But a random email address, even if it exists, is of no value. The spammer has to prove that you have opened an email and are actively checking your inbox. Once this has happened, your email address is sometimes referred to as an active email address.
But how do they do this? There’s quite a few ways. But perhaps the most common way is through sending images or links.
When you display an image in an email, whether it’s from a newsletter you signed up for, or just a “test” spam message, sent to random email addresses to find active ones, you are susceptible to spam. Don’t get me wrong, not all newsletters delivered by email are bad, but some certainly prove otherwise.
Let me give you an example: when a website sends you an email, the logo of the company sending it is often included. But you’ll notice, no attachments are to be found. That’s because you’re really downloading it from a website. This is called, embedding an image.
When you embed an image, you upload the image to a website, such as your own. When it’s on there, the image has it’s own address. For example, if I uploaded an image called bob.jpg, and my website is bob.com, then the image’s url would be something like: bob.com/bob.jpg. Or if I put it in another folder called joe, it would be: bob.com/joe/bob.jpg. You get the point.
But with the right coding, I can put that image in an email, just like I would a web page. By doing this, you are downloading it from the server of the website it’s embedded from; not in the form of an attachment. Are you still following me?
The picture is put in an email just like it is a web page (embedded), and like on a website, when you open the email, you are downloading all its pictures and other items to a folder on your computer. (You didn’t know that?)
But what does this have to do with getting spam? Well, let’s say I’m a spammer sending you that image. I want to be able to prove you’ve opened that email, and that your email address is active, so that I can sell it to other vendors. So, what if I added to that url of the image, your email address?
All I have to do is add a question mark, followed by your email. When you add a question mark to a url, it doesn’t affect what’s displayed, just the page itself. For example, going to bob.com/joe/bob.jpg?blah still displays bob.jpg, but differentiates that page from others.
Now if I was a spammer, I’d add your email address instead of blah. If your email address was somerandomguy@somerandomwebsite.com, when adding the address of the image I’m embedding, I would add a question mark, followed by your email. The url would look like:
www.bob.com/joe/bob.jpg?somerandomguy@somerandomwebsite.com. The page would be different than any others, but would still show the same exact image.
And here’s the magic: when embedding that image in the email, it is the same as if you are visiting the URL it’s embedded from. The spammer can then check if the URL: bob.com/joe/bob.jpg?somerandomguy@somerandomwebsite.com has a visit. If it does, they have then determined you opened the email and displayed the image. Because you did, your email is now proven active, and is liable to be sold to hundreds of marketers, leading to that cluttered inbox.
So let’s get this straight:A spammer sent you an email and embedded an image from a url with your email address in it. You opened it and displayed that image, which means you are visiting the web page it’s embedded from. The spammer then checks if that web page has a visit, determining whether or not your email address is active.
As you can see, a lot happens when you simply display an image, which is why you never should display an image unless you trust the sender. The same chain of events can also happen when you click a link in an email.
But you may be wondering how you even received that email asking you to display an image, or visit the link in the first place. A newsletter isn’t the only way someone may have found your email to “test” for activity.
If you’ve ever left your email on a forum or blog, then you may get some emails with images or links. This is because bots can be sent to scan over, or crawl webpages, in search of anything with the format: X@Y.Z (There’s some algebra review for you all J) Anything with that format is then sent to the creator of the crawler, so they can test for the email’s activity at a later time.
If you do need to post your email anywhere, try making it in a different format so the crawler doesn’t find it. If your email was sally@blah.com, then change the @ to at for example, so that it looks like:sallyatblah.com. But the problem is, crawlers are getting more sophisticated, and are starting to look for those formats too. Try adding brackets around at, and add spacing between the characters. Really, you should be as creative as possible, since the crawlers are getting better and better. Here’s an example:
*s a l l y* [{at}] b l a h dot (c o m)
Really, any unusual format will work.
But there’s a third way spammers can find your email: forwarded chain messages. Yes, those pecky things. This is something you can’t always stop from being sent to you. But here’s the problem:
As the message is forwarded hundreds of times, eventually, a spammer can get a hold of it. When they do, they can see all the addresses it’s been forwarded to, and what addresses it’s forwarded by. All the addresses that forwarded it, can sometimes already be considered active. And the ones receiving it, can be sent links and/or images to test for activity.
The final way spammers can find your email is through what seems to be the most obvious way:Sending images or links to random email addresses to test for activity. This isn’t a common method, but is occasionally used by novice spammers.
How to Avoid it
As you can see, spam can be spread incredibly easily, but can also be avoided incredibly easily. Here are some tips on how to avoid spam, some of which can also be found in the section above.
Turn Off Preview Pane
Outlook and Outlook Express, Thunderbird, and other downloadable email clients often have a preview pane, that automatically displays the most recent email received. Windows Live Hotmail also has this. Despite the word “preview,” you cannot download part of an email, and the entire email is downloaded. Try turning off the preview pane, or switch to a client such as Gmail or Yahoo Mail that has no preview pane enabled.
Make Two Emails
Make one email for newsletters, and other websites requiring you to signup, and one personal email for friends and family to send messages to. A shout out goes to WOT user Bobjam for this great idea!
Don’t Display Images
Unless you’re sure of the sender, don’t display any images in an email not in the form of attachments. This can lead to spam in the future.
Don’t Open Links
It’s never a good idea to click links in emails. Try doing a quick google search of the url and see if there are any negative reviews first. If it’s from a friend, since they aren’t a spammer, after doing a google search, you can try opening it, but make sure to have a firewall running.
Don’t Use the Normal Format
If you need to post your email in a forum, blog, or website, don’t use the normal x@y.z format. Crawlers can scan webpages in search of this format and send anything in it to a spammer. When posting your email, use a unique format. If your email is joe@blah.com, make it look more like:
j o e[at]b l a h d o t (c o m)
But crawlers are getting more sophisticated, so the more unique, the better.
March 31st, 2009 at 10:20 am
Create a new account at mail.com purely for signing up anywhere online unless you trust the source implicitly.
I have several accounts, gmail, hotmail, yahoo and mail.com
I know which mail goes where and who sends to which mailbox.
There will always be a certain amount od spam in any free email account, but using 1 separate account for registrations, if genuine and not spammers the site will usually allow users to change their email address.
Nice article and worth reading, educating users is the key to safe surfing.
April 15th, 2009 at 6:55 pm
Thanks for the article, very helpful and educational