
Spam Filtering Cheat Sheet: 14 Ways to Reduce Spam

September 18, 2018 by Penny Hoelscher

What Is Spam?

Spam is usually defined as irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware and other annoyances. Spam — from unsolicited junk mail to dodgy emails with potentially malicious links — is annoying at its most harmless, but downright dangerous at its worst.

How Big of a Problem Is Email Spam?

Research by Spam Laws indicates that spam accounts for 45 percent of emails sent, or about 14.5 billion messages a day in the U.S. Globally, research suggests the figure could be as high as 73 percent. According to Spam Laws, scams and fraud comprise about 2.5% of all spam email, and phishing comprises 73% of that 2.5%, or 1.8% of all spam email.


What Are the Negative Effects of Spam?

Identity theft is a worrying potential by-product of spam, but even harmless spam (like advertising, which accounts for the majority of spam emails) can reduce office productivity and clog up mail servers, which in turn affects an organization’s bottom line. Spam Laws estimates spam will cost businesses up to $257 billion per year if it continues to grow at current rates.

How Can You Reduce Spam?

Anti-spam filters can help reduce spam, but spammers are wily, constantly coming up with new tricks. Speaking to NBC News on condition of anonymity, one spammer said that with just four computers and two modems he could transmit 10 million emails a day.

It is unlikely your inbox will ever be spam-free, but if you apply a multi-layered strategy, you can significantly reduce spam and lessen the chance of being hacked. Here are nine tips to keep you safe.

1. Junk the Junk

A tracking pixel is a small graphic that is loaded when a user opens an email and can be used to track certain user activities. With a size of just 1x1 pixels, it is not visible to the user, but loading it sends a message to the sender confirming that the recipient’s email address is a valid one. In most email clients, you can disable images; however, this isn’t always possible, so learn to throw out or quarantine suspicious emails without opening them.
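As an added illustration (not code from the original article), the following Python sketch scans an HTML email for images that match the tracking-pixel pattern described above. The heuristic is an assumption: a remotely hosted image that is either 0 or 1 pixel in both dimensions or hidden by inline style. The sample message and its domains are constructed.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser

# Constructed sample message, not taken from the article.
SAMPLE = """\
From: news@example.com
To: user@example.org
Subject: Weekly offers
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Hello!</p>
<img src="https://cdn.example.com/banner.png" width="600" height="120">
<img src="https://track.example.com/o.gif?rcpt=user%40example.org" width="1" height="1">
<img src="https://track.example.com/p.gif?id=42" style="display:none">
</body></html>
"""

TINY = {"0", "1", "0px", "1px"}  # assumed size threshold for "invisible"
HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden")

class PixelFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        raw = dict(attrs)
        a = {k: (v or "").strip().lower() for k, v in raw.items()}
        src = raw.get("src") or ""
        if not a.get("src", "").startswith(("http://", "https://")):
            return  # cid:/data: images are embedded and make no request
        tiny = a.get("width") in TINY and a.get("height") in TINY
        hidden = bool(HIDDEN.search(a.get("style", "")))
        if tiny or hidden:
            self.hits.append(src)

def find_tracking_pixels(raw_message):
    """Return the URLs of remote images that look like tracking pixels."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = PixelFinder()
            finder.feed(part.get_content())
            hits.extend(finder.hits)
    return hits
```

The visible banner is ignored; the two hidden remote images are reported, and their query strings show how a per-recipient identifier can ride along with the image request.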

2. Use Your Email’s Built-In Spam Filter

Email programs differ, but they all have some form of built-in anti-spam features.

  • Microsoft Office Outlook has an easy-to-use Junk email filter and can block tracking pixels
  • Hotmail is Outlook’s web version and the online community can help you customize antispam filters. You can also use Gmail to filter Hotmail spam
  • Gmail and G-Suite allow you to easily mark and unmark spam on Windows, iOS and Android devices

3. Choose a “Less-Guessable” Email Address

Spammers use sophisticated name-generating bots that churn out billions of possible email address combinations. They also use telephone directories and information they extract from the Internet to find victims. Try to choose a complex or unusual email address that doesn’t follow a pattern.

4. Be Cautious When Giving Out Your Email Address

Spam is one reason some organizations do not put their email address on their website and use contact forms instead. Try not to share your email on social or business networking sites.

5. Get a Throwaway Email Address

If you need an address to join a group or post a message on a forum, consider a throwaway address separate from the regular account you use for work or to stay in contact with friends and family. Ten-Minute Mail gives you a free temporary email address that expires after ten minutes. If you want a more lasting solution, the Chrome extension Burner Mail allows you to create a new email address when you sign up to services on the Internet and routes messages to your genuine account.

6. Use Antispam and Antivirus Software

There are many spam blockers and antispam filters on the market, and many of them are free:

  • Mail Washer offers a free fully-functional 30-day trial, and the cost of the Pro version starts at $39.99 per year
  • Spam Fighter is free for home users and $29.00 per year for business users
  • Spamihilator is totally free, but provides no technical support except through public forums
  • Orange Assassin is a popular open-source option.
  • Enterprises should look at more powerful solutions, like TitanHQ’s Spam Titan (starting from $1.70/mo) or Zero Spam (starting from $0.75/mo)

7. Train Your Spam Filter

When you do receive spam in your Inbox, mark it as such to put it into email quarantine. Next time around, your antispam watchdog will recognize it as junk mail.

8. Unsubscribe From Mailing Lists

Unsubscribing will lessen the load on your server … and your time. Unroll.me helps you identify unnecessary email subscriptions.

9. Never Reply to a Spammer

Doing so gets you a green checkmark on their Valid Emails List and makes you a bigger target. And never spam others: forwarding a spam email to multiple contacts could make you very unpopular.

And here are five more tips that specifically serve to protect enterprises:

10. Use a Real-Time Block List (RBL)

An RBL works by deflecting emails before they are downloaded to users’ inboxes, which saves bandwidth. Zen, from Spamhaus, offers a free service, restricted to low-volume non-commercial users only. RBL Tracker provides the full monty to enterprises starting at $16/mo.

11. Use Recipient Verification (RV)

Block emails to non-existent email addresses before they are downloaded to your servers to conserve bandwidth. Check the manual for your email client, e.g. Microsoft Exchange. Only allow emails that use proper SMTP handshake protocols. These techniques will help to weed out spam bots.   
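The following Python sketch is an added example, not code from the article or from any mail server product. It shows how tips 10 and 11 fit together at SMTP time: a block-list lookup on the connecting address, enforcement of command order, and rejection of unknown recipients before any message data is accepted. The recipient directory, the IP addresses and the stub resolver are constructed; a real deployment would use the mail server's own settings and a real DNS lookup.

```python
import ipaddress

DNSBL_ZONE = "zen.spamhaus.org"  # zone named in the article; its usage terms apply
VALID_RECIPIENTS = {"alice@example.org", "bob@example.org"}  # constructed directory
FAKE_DNS = {"10.2.0.192.zen.spamhaus.org": ["127.0.0.2"],       # constructed: listed
            "20.2.0.192.zen.spamhaus.org": ["127.255.255.254"]}  # constructed: error code

def fake_resolve(name):  # stand-in for a DNS A lookup; [] means NXDOMAIN
    return FAKE_DNS.get(name, [])

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """IPv4 DNSBL convention: reverse the octets, then append the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip, resolve=fake_resolve):
    # Only 127.0.0.x answers are listings; 127.255.255.x are Spamhaus error
    # replies (e.g. query refused) and must not be treated as a hit.
    return any(a.startswith("127.0.0.") for a in resolve(dnsbl_query_name(ip)))

class SmtpGate:  # chooses SMTP replies before any message body is accepted
    def __init__(self, client_ip, resolve=fake_resolve):
        self.blocked = is_listed(client_ip, resolve)
        self.state = "connected"  # connected -> greeted -> mail -> rcpt

    def command(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if self.blocked:
            return "554 5.7.1 client address is on a block list"
        if verb in ("HELO", "EHLO"):
            self.state = "greeted"
            return "250 ok"
        if verb == "MAIL":
            if self.state != "greeted":
                return "503 5.5.1 send HELO/EHLO first"
            self.state = "mail"
            return "250 ok"
        if verb == "RCPT":
            if self.state not in ("mail", "rcpt"):
                return "503 5.5.1 need MAIL FROM first"
            addr = arg.partition(":")[2].strip().strip("<>").lower()
            if addr not in VALID_RECIPIENTS:
                return "550 5.1.1 no such recipient"
            self.state = "rcpt"
            return "250 ok"
        if verb == "DATA":
            return "354 go ahead" if self.state == "rcpt" else "503 5.5.1 no valid recipient"
        return "502 5.5.2 command not implemented"
```

Every rejection here happens before `DATA`, so the message body is never transferred, which is where the bandwidth saving comes from.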

12. Use a Web-Based Contact Form on Your Website

Captcha is dead. Using its successor, reCaptcha, will help keep spammers from harvesting your address and is a less annoying and laborious way for your customers to prove they are human.

13. Provide Employee Training

Implement a clear policy on how employees should handle unsolicited email and provide regular security awareness training. Don’t allow staff to use office email for personal messaging; they should use their own devices.

14. Ensure Your IT Department Employs Antispam Best Practices

There are a number of antispam best practices, listed and available for free on the Internet. Be sure what your organization’s best practices are and

Conclusion: Practice Safe Emailing

Like malicious scammers, sales and advertising staff at otherwise reputable organizations are not doing you a favor with their special offers and promotions; they want to make money, and they know how to avoid spam filters.

Wise up and think clearly about why you are receiving a certain email. Do you really think you have a chance to win an all-expenses holiday to a tropical island? Why is a supplier offering a 50 percent discount on high-tech items? How many people do you know who became millionaires, without effort, in 30 days (or lost 30 pounds)? Reducing spam will make you more productive, reduce the load on your email server and lessen the chance of a cyberattack.

 

Sources

Spam Statistics and Facts, Spam Laws

The secret tricks that spammers use, NBC News

Tracking Pixel, Ryte Wiki

10 tips on how to help reduce spam, Outlook

How to Say Goodbye to Hotmail Spam for Good, MakeUseOf

7 Key Strategies for Avoiding the Gmail Spam Filter, FulcrumTech

Penny Hoelscher

Penny Hoelscher has a degree in Journalism. She worked as a programmer on legacy projects for a number of years before combining her passion for writing and IT to become a technical writer.