Getting rid of spam

Everybody using a PC and the internet has a slight idea of what spam is. If not, you could check out the explanation on Webopedia. In short it is (almost) any form of unsolicited email that gets into our mailbox, generally advertising products. Spamming is a great example on how you can take advantage of the human nature. When spam is being sent it’s usually targeted for the masses – in the “male” case, a lot of this spam is intended for viagra or other similar products. Whereas in the female case, a lot of this spam is intended for breast implants and such. Not to mention financial scams, like Nigerian 419 or bank phishing, where the altruist sentiment is being triggered or just the worrying feeling that something might be wrong with you bank account gets people to hand out their credentials without even suspecting.

How do we get to receive spam?

Spammers generally use mail lists (which can easily be bought or just found online) – files containing many (up to millions) email addresses found somehow on the internet.

  • email spiders

Email addresses can be found using specialized software (called email spiders or scrapers) that looks for certain text patterns on websites (the most general example is the “@” sign).

  • database leaks

Email addresses are one of the most common things that are included in online databases, usually being associated with an username and a password. Databases are frequently targeted by maliciously-intended people due to the value of the information that its holding. From just a single breach, thousands and even milion email addresses can be leaked from these sources.

There are also online services that you can use to check if your email address is leaked or compromised, like PwnedList or IsLeaked.

  • subscribing

Another example of how mail lists get formed is by subscribing to them. Many websites and blogs offers the possibility to enroll in their mail list so that you will get an email everytime something new is posted. While anybody would like such an option from our favourite website, this does not change the fact that your email will be used by others when having the posiblity.

How can we avoid getting spam?

no-spam

Everybody hates it, but not everybody realizes that half of the reason why they are being spam is because of their fault. In most of the cases we cannot control what is happening to those that are handling our email addresses within their databases or programs. What we can control is the level of visibility on our email and how do we manage our emails. Below you can see some of the practices that I use in order to avoid spam:

1. Don’t post your email online in clear text

Making your email address not being detected by email spiders or scrapers is as simple as not posting your email online in clear text. For the cases where we really want to do that we can do it a differen fashion, like encoding it using Javascript or posting a picture of the mail address. Other cases might include directing others to a contact form instead of a email address for further discussions.

2. Use email filters 

Email filters are a great functionality of email clients and webmails. By using these you can direct any mail based on some patterns like the sending email address or certain words in the emails content and subject. (e.g. any mail subject containing the word “Buy” will redirect the mail to the Junk folder).

In Gmail – go to “Settings” -> “Filter” or directly here.

In Thunderbird – go to to “Tools” -> “Message Filters” and then “New”

thunderbird-filter

3. Use separate email addresses

I have multiple email addresses, each with its own purpose, either being for banking, certain online accounts or just junk mail. By doing this I eliminate the possibility of my email address being compromised or leaked because I am reducing my “attack surface” – basically I’m using the email address where I only need it.

Handling multiple email addresses is relatively easy, and I use an email client for this. I recommend Thunderbird.

4. Use disposable email

In some cases we create our account because we want to use the services associated with the account for a longer period and in other cases we create our account just to download a file or read an article. I call the first category of accounts “serious” and the second category “junk” or “disposable”. For this disposable category I often use disposable mail services, where email addresses are either created for a short period of time or either are freely accessible by anybody. The bad part about this is that websites are starting to forbid using these kind of services but the good part is that you can almost always find another one that has not been blacklisted yet.

An impressive list of these disposable mail services can be found here. My personal favourite are:

To wrap it up, spam has been there, is there and will be there for a long time. What we can do is to apply some thinking and some practices that would reduce the possibility of us getting on a spam list.