Last updated: Jan 4, 2024

Identifying Spam

Spam seems to be unavoidable in today’s modern communications. Most spam messages are relatively harmless advertisements and promotions, but there are some with a more nefarious purpose that can end up costing you and your business. Most people know not to open unexpected messages from unknown sources, but as technology continues to evolve – so do the spam techniques. Did you know that some of today’s spammers even going so far as to disguise themselves as sources that you trust? So, how do you best go about identifying spam? Let’s cover some ways you can be better prepared for spammer’s tricks.

Identifying Spam Email

When it comes to your email inbox, rule number one is to never click on links that you didn’t request. Sometimes it will appear as an official email from a trusted source. If it claims that you need to change your password, or that you need to click a link to do anything with your personal information and you did NOT request it, it’s likely a scam. It’s always best to navigate to the trusted website or app directly to see what’s going on, and if needed, make the changes there. And remember, never open attachments in emails that you didn’t request.  

Here are a few things that you can check for, if you’re unsure if an email might be spam

Do you recognize the sender? Does their email address domain match the domain you’d expect that company to be sending from?

For instance, if the email is from The United Way – is the sender’s domain “@unitedway.org”? Be sure to double-check the spelling. Often times spammers will use domains that are similar, but spelled slightly different, ie untiedway.org. Also, check their email address carefully! They can use something like “infromation@” (the “o” and “r” are reversed, at first glance you might not catch it.) Spammers will also use ambiguous emails such as “shopping@amazon.com.” Or subject lines with something that might pique your interest, such as “You won a free vacation!”.

If you do recognize the sender’s email, it’s still possible it’s being faked.

This is a technique called email spoofing. Even though the message appears to be from a known contact, its actually from a spammer impersonating them. Fortunately, these messages are often marked as spam, though there are cases when they make it your inbox, so it’s best to keep a look-out. This article from How-To Geek outlines how email spoofing works.

Does the email content seem suspicious? Does it ask for your personal information? It is about a service you don’t use?

If it’s not something you remember signing up for, don’t click any links or give any of your personal information. Scammers are known for creating websites that closely resemble the legitimate website, but are actually just there to collect your private information.

Does it tell you something happened or will happen that seems unlikely?

For instance, your account will be locked if you don’t respond within 24 hours. Often times scammers use a deadline to rush you into taking action without paying close attention. The safest way to see any outstanding notices on your account is to login to the website directly and check your account there.

Are there misspellings or other grammatical errors?

Most large companies will have their emails proofed for spelling and grammar before they’re sent. Spammers however typically don’t make the effort. A misspelling or odd phrasing can be a clue that it’s not a legitimate email.

Is there an attachment? Don’t open any attachments that you weren’t expecting!

If it appears to be from a friend or colleague, double-check using a different communication method before opening it. This can be an easy way to infect your computer with a virus or other malware.

Is there a link? Read it carefully.

When in doubt, navigate to the trusted site directly through your browser by typing the website address manually or using an existing bookmark. 

Is the sender from the company they say they are?

Sometimes a simple Google search can tell you more about how certain companies correspond, or if a company has put out any warnings about potential scams using their name. 

Still not sure?

If you still aren’t sure, this site can help identify known spam email addresses. Enter the sender’s email and see if they’re a known spammer.

The bottom line is, read carefully and be cautious. Most of us have a tendency to skim emails with the sheer volume that fills our inboxes. If something is unexpected, doesn’t seem right, is requesting your personal information, or wants you to download something – better to double check, than be sorry. 

Identifying Spam Texts

As texting has become a more prevalent form of communication, spammers have begun to shift their efforts to sending spam text messages. You may have received a questionable looking message from a number claiming to be bank or a frequently used service like Amazon. They might claim that your account will be closed or a reward lost, if “you don’t click this link” now. In general, the tactics are similar to email scams and many of the same rules can be applied. Here are a couple additional tips :

Always be sure to double check the sender

If it seems official – use the same steps above and login to your account directly through your browser to double-check your information, or contact the company directly. If you’re not sure if the number is associated with the company, try a google search of the number to see where it comes from. You can also contact the company directly by going to their official contact page, calling and asking.

Never click on a link you didn’t request

If you find the source not to be legitimate, you can forward it to 7726 (SPAM) which can help your carrier to find and block similar messages. You can also mark it as spam in your messaging app or report it directly to the FTC at ReportFraud.ftc.gov.

You can find some great examples of notorious text scams on the FTC’s website.

Spam Letters (Yes, the Paper Kind) 

There are many types of spam letters out there, from organizations supposedly taking donations to people impersonating family members asking for help. Though electronic scams are more prevalent in this day and age, spam letters are often targeted at older people who aren’t as tech-savvy or people who subscribe to a lot of mailing lists. If you order from catalogs or give out your address for contest entries, you could be a target.

One of the most common scams we get questions about is receiving a domain renewal letter in the physical mail. The letter claims that your domain is up for renewal soon (which may be true) and includes a price (usually quite high) as well as a place to include payment. It’s often from a general, official sounding company like ‘Domain Services of America’ or similar.

Example of a spam domain letter
Example of a scam domain renewal letter. Credit DomainRegistry.com

Like the phone book, the contact information for a domain is listed publicly online by default. The public nature of this information makes these types of renewal scams particularly easy to perform. They tend to be more believable as some of the information they’re providing is accurate. The tangible nature of the letter also makes it feel more legitimate.

What makes it a scam is the inflated price and that these letters are often authorizing transfer of the domain to the registrar operated by the scam sender. Going forward with this renewal can lead to a variety of other problems including website and email downtime, to even losing control of the domain completely. Read more about the domain renewal scam here .

If you receive one of these letters, navigate directly to the account where you purchased your domain (or have your IT professional do so) and check your renewal date there. Most domain renewal notices come via email. It’s best to set reminders for your due date, or login directly to check if you aren’t sure. Odds are that the domain renewal letter should end up in the recycling. 

A Few Final Tips

There are a few services you may have heard of such as Unroll.me, that promise to rid you of spam through very little effort of your own. They may help a bit depending on your situation, but some are costly and don’t necessarily do as they promise. You can read more about some of these options, as well as alternatives that you can do on your own to limit your incoming spam in this NY Times article.

So, there you have a few simple tips to help you with identifying spam, to avoid some serious trouble online. Remember:

  • Double check the sender.
  • Don’t click links or call numbers that you didn’t request.
  • When in doubt, login directly to check your info.

Spam schemes are always changing and evolving. Stay on your toes and always double-check if you aren’t sure. When it comes to your personal information online, safe is always better than sorry.