10 Tips to Avoid Spam
on
July 7, 2010
Education is an integral part of security. Educating your employees can be an effective defence against attacks; it can also help save money in some cases. Part of your bandwidth costs is consumed by spam and as such educating employees on how to protect their email address can result in less spam which when multiplied by the number of employees can in turn result in a cost saving measure.
Below are 10 tips on how one can protect his email address to minimise the risk of getting spammed. Conveying these tips to all the users in your organization could help reduce the volume of spam received.
- Spammers in most cases need to know your email address before they can spam you so keep your email address to yourself as much as possible and use it only for work purposes.
- When posting on a forum do not include your email address as part of your signature.
- Guest books are a prime source for the harvesting of email addresses that spammers use. Some guest books automatically hyperlink your email to your username; avoid posting in such forums and never include your email address in the post itself. Do not use your work email for this kind of personal use. If you do not have an alternative email address consider using free services such as Google mail, Yahoo! mail or Hotmail.
- When signing up for forums, offers and other public services never use your work email address; if it doesn’t break the terms of use, consider using disposable email addresses. If terms prohibit the use of disposable email, use free email services that include spam filtering.
- Never click on links in a spam email; in some cases clicking will result in you confirming to the spammer that the email address is valid and the user is likely to click on links thus making you a prime target for more spam and phishing attacks.
- Always review the privacy terms on sites before registering. You need to know that whoever you’re signing up with will not give away your email address to third parties who might actually end up selling your email address for money.
- If you use IRC and chatrooms ensure that you’re not displaying your email address publicly (some IRC clients do this by default).
- If you have a personal website, do not publish your work or personal email on it. Spammers use scanners that harvest such emails as well. Use free email services for this purpose.
- Do not use the unsubscribe links in spam emails, in some case that will actually confirm the email address is valid to the spammer.
- Do not open attachments in spam, you could get infected with Trojans that will send your email contacts to a spammer as well as entrap you in a spammer distribution chain i.e. your computer might be the one that the spammer uses to send spam emails.
Excellent advice! I would also add that if you have a blog or website, don’t link your email address to a contact me link or otherwise display it. Instead, use a contact form with CAPTCHA. Spammers have bots that troll the net and harvest addresses from webpages.
Protecting your contact email via a Captcha is indeed an excellent suggestion, thanks for sharing that with us Sue!
Another suggestion: If you need to put your email address where it can be viewable, spell it out. eg: iambabyhuey [at] gmail [dot] com. I’m sure a real person (provided he has an IQ of at least 80 which is even below average) will be able to identify that, but auto email harvesters won’t.
I have 3 email addresses: One for work, one for personal use, and one to sign up for accounts or wherever an email is required but I don’t really need email correspondence with.
Hi Iam, what you’re suggesting might help a little, I would use other acronyms than [at] and [dot] since they’re pretty comment nowadays and harvesters probably parse then but as a concept it’s good.
Using different email addresses as Lashawn suggests is also a good idea, it’s a system I employ myself. I too use certain emails in environments like forums that are more at risk to be harvested by spammers.
Great list. Fundamental, but extremely insightful with regards to the business practices of most employees. I think accomplishing number 5 in particular is asking a bit too much of the staff, but implementing numbers 2 and 9 are definitely feasible. I’ve never considered spam to take on too much bandwidth, but with hundreds of employees and so much activity online, I can see how the avoidance of spam can ease off on server activity.
@Lashawn
I actually have the same setup. A single email for office and work use, another one for personal correspondence, and finally one more to sign up for services, forums and communities where an e-mail is required. Even with that kind of setup, you won’t believe the amount of spam I receive: the occasional one at the office, then a few at home, but it just astounds me how full my inbox gets during the times I check my third.
@Vera, it’s true that it is particularly difficult to convince employees to avoid clicking on links in their email. If that doesn’t work one may choose a technological solution that stops link usage in emails or even simply use an email client that can be configured to disallow clicking on links. Failing that another possiblity is to use a proxy that ensures sites being visited by employees are known to not be malicious or better yet that is able to scan the actual traffic.
@Drake & Lashawm
Using an email address to subscribe to websites and especially using it in forums and communities (especially guestbooks) is indeed asking to be spammed. Sometimes if you subscribe to a web service that you will not need to communicate with via email, using a disposable email address can save you from a lot of spam.
@Vera
I definitely agree with Emmanuel on installing a technological solution if a human one isn’t viable. There are definitely a multitude of solutions you can choose in hopes of limiting the visits of wayward users to liscened and safe sites. It may sound a bit restrictive, but it the measure is necessary to keep your company’s security and systems in check. It’s better to do that then get hit with uncontrollable amounts of spam.