Teaching People how to Identify Spam

Written by Casper Manes on September 14, 2011

After the article on talking to people about spam, we got a few requests to go deeper into the topic and share some more ways a technically adept user could show to a non-technical user how to identify spam. In this post I will share snips from some actual spam messages I have recently received, and while someone like you or I could tell instantly that they are spam, I will call out to “regular folks” what makes it spam.

You are welcome to discuss this post with your non-tech friends, or just point them to this post and let them approach it on their own. If you choose to let them self-study, please be available for them in case they might have any questions. 

Unexpected messages

Email can be very social, so the temptation is there to read, believe, and respond to anything you receive. But if the message is from anyone you haven’t heard from in ages, or a business you have not dealt with, show some healthy skepticism.

Emergency messages from friends or relatives

Many scams will try to convince you to send money to a stranded relative who can somehow email you, but didn’t call and can’t be reached by phone. Do you really think they had access to email, but not a phone? Don’t fall for this scam.

Requests to update your account

Any time you get an email from your bank, your credit card, or some social networking site telling you to click the included link to update your settings, you can bet it’s fake. Call the customer service number on your card or account statement, or go to their website by typing in the URL to your browser to confirm, but NEVER click the link that is in the email.

Requests for your password

You will never, ever, get a legitimate request to provide someone your password. Never.

Faked links

Always treat links in emails with a healthy sense of caution. Mouse over them to see if the URL that appears in the message matches what is in the status bar, and if you have any doubts at all, better safe than sorry. You can always Bing for the page if you really want to see it.

Obvious misspellings

This may apply more here in the US than elsewhere, but almost every spam message I have ever looked at has some obvious misspellings. I mean ones that anyone should catch. This may also include STrange CAPitalization. Most legitimate senders use spellcheck.

Strange punctuation

This is another one; though it may be more subtle and even legitimate messages may have some punctuation errors. Dont be a grammar nazi, but think twice when you are checking your mail.

Pleas for help from strangers

Unless you actually submitted your email address to a list of good Samaritans and charitable causes, no one is going to email you out of the blue asking for help.

Offers too good to be true

No dead businessman has EVER left an unclaimed bank account worth millions, and no last surviving scion of a deposed dictator is going to reach out to you to help smuggle millions out of the country. Microsoft does not give away laptops to people who forward their email, and Walt Disney doesn’t give free vacations for that either.

You’re a winner, but you never entered the contest

Same concept. If you didn’t enter a drawing, contest, or raffle, how could you be the winner. If you are giving out your email address to so many things you can’t remember, spam may not be the biggest problem you have.

Anything that wants you to forward to others

Just don’t do it.

Attachments you weren’t expecting

Malware (the fancy name for viruses and other programs that will crash your computer and steal your passwords) are often sent as attachments, hoping to get you to open them. Even if it is a friend who sent you the message, call them to be sure they really sent it before you open it.

Open the attachment to read the message

Same idea, only more likely to fool the curious since they want to know what the message is. Don’t fall for it. No legitimate mail will be sent as an attachment without anything in the body of the email.

There may be good reasons for some of these (but not the passwords, giveaways, or requests to update your account) so don’t assume every email you get is spam, just understand most of them are, and use caution and good judgment. It really is better to be safe than sorry.

Comments

Jon Sobecki September 14, 2011

A good list of strategies to help people keep an eye out for at least suspicious messages. Another thing I would suggest looking out for are emails supposedly sent from corporate teams whose domain names do not reflect the company they work for.

John Kew September 15, 2011

Great list. I suppose one of the reasons social networking has become so popular is that you only get messages from people on your friends list and so the chances of getting spam are greatly reduced.

You didn’t mention messages written in Russian! But I guess those are obvious!

Charlie Day September 16, 2011

For me, personally, identifying spams is common sense. It does not require too much thinking or deep knowledge about what it is and how it works.

If an email message is not solicited or you don’t know the message’s sender, then it’s a spam. That’s it. Teaching people to identify it is useless. Also, spam has different types and forms. It’s very dynamic.

Florider Man September 18, 2011

Links inside emails are a big no-no. That’s why I require my friends, family, and co-workers to to limit their links inside their emails (1 to 2 links are enough). This will ensure that I will always get their emails.

As a tip, when sending email with a link(s), you can always disable rich or HTML formatting in your email. Enable the text mode instead.

You can also segregate your URL into pure texts. For instance: http://www.examplewebsite.com can be inputted as “example website dot com”.

Sebastien Pierre September 29, 2011

Now, this list is really helpful and I will keep it for future reference when I need it. I know many people who will benefit tremendously from reading it and I will start sending them the link (I hope this won’t be regarded as spam, haha! :) )

jaffy August 9, 2012

Thanks for the list..

  • (required)
  • (required)