What is spam?
Before we discuss how to stop this practice, we need to get a definition of spam. What does spam mean and how does it work?
The term refers to unsolicited messages (usually emails or SMSs) sent out en masse. When advertisers use spamming tactics, it can be annoying. But when hackers get involved, things get ugly.
Billions of spam emails are sent every day. Whether it’s a “Sale Now On” or a “New Coronavirus Alert”, 94% of spams are contaminated with malware that could steal your details and crash your device. Fortunately, Gmail blocks more than 100 million phishing emails every single day, but most spam still manages to slip through the net. Phishing scams that used spam as a delivery method quadrupled in 2020, stealing millions from victims all over the world. And it's only getting worse.
Spam to watch out for in 2021
COVID-19 vaccine frauds, fake antibody tests, university and shopping scams — these are just a few of the biggest spam-scams in circulation right now.
- The COVID-19 vaccine scam: Beware of spam text messages, claiming to be from health services like the UK's NHS. After claiming that the recipient is eligible to apply for a vaccine, one fake NHS message directed victims to a bogus NHS site to fill in their name, address, and bank details. In reality, the NHS, or any other government body, will never ask for sensitive information via text, phone, or email.
- Fake news spam: If you get emails or text messages about controversial news, such as “the Pfizer/BioNTech vaccine not reaching the US until 2022”, for example, do not click on any links inside the message. Don't even open them. Many of them contain malicious attachments that will install malware and keyloggers on your device, which can then be used to steal your logins.
- Shopping and university scams: Criminals are making the most of lockdowns, during which many people have started shopping exclusively online. Look out for a sudden influx of emails mentioning exclusive sales or asking you to “confirm your details”. It’s usually a trap. Likewise, watch out for university emails that seem to spike around new semesters. Claiming to be from the IT department, spammers usually ask you to reset your logins.
But how do spammers get your details? If you want to protect yourself against these unwanted messages, it's worth knowing what made you a target in the first place. Spammers need as many working email addresses or phone numbers as they can find. This is known as data harvesting or scraping.
Here are 6 ways spammers get your email address or phone number:
- Your email address was sold: Some website owners strike deals with spammers to sell their customers’ email addresses. Any revenue made from you is then shared with the owner.
- You signed up for a “free” service: Some products or services are free of charge as long as you provide your email address. Services that offer things like daily quotes or stock alerts often use their subscribers as spam targets.
- It was stolen by a web spider: Spammers use programs called web spiders or harvest bots to find email addresses on websites. If your email address can be seen anywhere on the internet, they can find it.
- It was traded between spammers: Vast lists of email addresses and phone numbers are often traded between spammers, so your details could be in circulation for years.
- Your device was infected with a virus: Spammer viruses scan your computer's disk drives for email addresses. If you’re connected to a shared network (at work, for example), spammers may be able to intercept traffic between you and others to steal email addresses.
- Your details were leaked: Last year, 280 million email addresses were leaked from a Microsoft database, and that was just one of the countless data breaches in 2020.
But don’t despair — with the quick tips below, it's easy to protect your details and fight back against spam.
How to stop spam
Here are some things you can do to stop spam and protect your details to avoid getting spammed again:
- Report, don’t delete: Don’t just delete spam emails. Select them and report them as spam. Gmail has a Report Spam button in the toolbar. Reporting spam helps train filters to detect spam in the future, as well as helping your email client protect other users.
- Block, don’t unsubscribe: Select the spam email and block it. How you do this will differ depending on your email client. Sometimes, the ‘Unsubscribe’ link on a spam email is designed to take you to a site loaded with malware. Other times, the ‘Unsubscribe’ button is corrupt and will download malware, ransomware, and other malicious viruses onto your device, blessing you with a second avalanche of spam hell.
- Use a disposable email address: Tools like Blur and Spamex let you use disposable emails for signing up to websites, so you can keep your real one private. They even let you create instant virtual burner cards to pay for things online, so you don’t risk your main bank account details. Alternatively, use a seperate email address for casual signups like chat rooms, shopping, and streaming services.
- Hang up and call the company: Robocalls are obvious. But what if a spammer has spoofed the number of a real company, like a bank, and is asking you to confirm your card details to “investigate fraudulent activity”? The aim is to use imminent danger to pressure you into giving them your details, with little time to suspect them. Hang up immediately and call the bank's phone number yourself to make sure there isn’t a problem. Your bank will never ask for your card details over the phone. If the same number attempts to spam you with phone calls, block it in your phone settings.
Want to read more like this?
Get the latest news and tips from NordVPN
We won't spam and you will always be able to unsubscribe