Let’s Talk About Spam – How to Identify Spam

Written by Casper Manes on May 1, 2012

identify spamWelcome to the fourth post in our Let’s Talk About Spam series. Today, let’s go over how to identify spam. Technical folks can smell it from a mile away, and can usually spot a spam message by its subject line, but how do they do that? Identifying spam is not too difficult, once you know what to look for. Spam, phishing messages, and malware all have some common attributes that you can easily spot when you know what to look for.

Senders

Your email is, at the end of the day, yours. When you think about all the email that is in your inbox each morning, give a quick glance at all the messages that are in there. Look at the column that lists who the email message is from. Odds are, if you don’t recognize the sender, it’s spam. That’s not a 100% effective test, since you may not remember everyone by name, or you might be getting email from a company representative, but this should be the first thing you consider. If you don’t know who is sending you the email, that should be strike one.

Be careful though. Just because you do know the sender, doesn’t mean the message is guaranteed to be safe. Many spammers will try to fool you into opening their messages by using names you would know, and some malware will read an infected computer’s address book to send copies of itself to others, hoping that the recipients will open the message since it comes from someone they know. Don’t always trust everything from someone you know any more than you should automatically delete everything you get just because you don’t know the sender. But if you don’t recognize the sender, be suspicious.

Unless you speak a foreign language, senders with foreign characters in their name are very likely to be spam. Sender addresses with numbers in them are another red flag. Even companies you have heard of, if you didn’t sign up for their mailings, are probably another red flag. Reputable companies will only send you email if you sign up for it. It’s called “opting in.” But disreputable companies and spammers will use other companies’ names to try to trick you into opening their messages.

Sometimes companies will send email and the “from” address will be their name, but I have never seen a legitimate email where the “from” sounds like a subject line. If they do, odds are good the mail isn’t.

Here’s a test. Look at the following and see if you can spot the spam:

Yes, every single one of them is spam. eHarmony and the University of Phoenix are both reputable companies, but I have never signed up for either of them.

Subject lines

Read the subject line before you open the message. Odds are good that you will be able to spot the spam immediately just by looking at the subject line. Usually the product being shilled is listed, or the subject line has strange spelling or grammar. If you see numbers or strange characters where vowels or consonants should be, it’s another sure sign that the message is bogus. And anything that says something like “open the attachment to read an important message” is a huge red flag that should be deleted immediately. That’s a very common way to fool you into opening an infected attachment.

Spelling misteakes and bad grammer (see what I did there?!)

If you see poor spelling, strange grammar, or unusual phrases in an email, once again, it’s a sign that the message is not legitimate. If you do communicate regularly with people using a language that is not their first, don’t beat up on them for the occasional error, and be tolerant of kids (and others) who use shorthand spellings, abbreviations, and slang, but no legitimate business is likely to send you an email full of spelling and grammar mistakes.

Requests for personal information

No legitimate business anywhere in the world will ever ask you for confidential information in an email. Anytime you receive a message that asks you to reply with any kind of sensitive or personally identifiable information, like your physical address, your account number, or your password, hit delete immediately.

In our next post we’ll look at some of the worst offenders to help you feel more confident about identifying spam.

Comments

Peter Walters May 3, 2012

What most people don’t realize is spammers often use poor spelling as a way to get around words commonly checked by spam filters. If possible, check your filter to see which words are being flagged, and add or remove terms as necessary for whatever it is you tend to use and not use your email for.

Tyrone Shane May 3, 2012

Just for added caution: among all the indicators listed, the single one thing that anyone should be in the lookout for is the requesting for personal informaton.

Sometimes, even opting in for a newsletter does not necessarily mean you wanted to sign up in the first place. So many a time when someone absentmindedly click on a “sign up” tick or link, just to get to another page on a site. You can decide to unsubscribe. However, also take note that clicking on links within an email can also trigger a malware attack.

The safest way is just to simply click on the SPAM button within your email client.

Casper Manes May 7, 2012

Good point Peter! And good advice Tyrone!
Thanks to both of you!

  • (required)
  • (required)