Dealing with spam is certainly annoying. Even worse, it can also represent an underappreciated source of vulnerability for computer systems. Phishing scams, bogus offers, and malware can cost both enterprises and individual users both time and money. E-mail attachments can contain executable files capable of wreaking havoc when opened by an unwary employee.
The U.S. federal government has issued a set of recommendations for how both users and enterprises can protect themselves from such attacks and limit the amount of unwanted commercial e-mail appearing in their inboxes. The recommendations can be found on its OnGuardOnline.gov Web site, an initiative run by the Federal Trade Commission in partnership with the Department of Homeland Security and other agencies.
What Users Can Do
The first step enterprises can take to protect themselves from spam is by simply reducing the amount arriving in employee inboxes. An e-mail filter is the most basic tool for accomplishing this, and many e-mail clients provide built-in functions that either block suspected spam entirely or channel it to a bulk e-mail folder. Some Internet service providers (ISPs) also provide e-mail filters.
Users can also proactively limit exposure to commercial e-mail by using two e-mail addresses: one for personal messages, and another for shopping newsletters, chat rooms, coupons and other services. Individuals can also take advantage of disposable e-mail address services that forward messages to a permanent account. That way, if a disposable address begins receiving spam, a user can shut down the account without affecting their permanent address.
The government also recommends that users not display their e-mail address in public. That includes blog posts, chat rooms, social networking sites or online membership directories. Spammers can use automated tools to scrape those sites for e-mail addresses in bulk.
Another simple, but effective step users can take is to read up on privacy policies and deselect check boxes when submitting an e-mail address to a Web site. A Web site may say if they will sell an e-mail address to a third party in its privacy policies, while a pre-checked box will often automatically sign a user up to receive e-mail updates from the company or its partners. Users should opt-out of these agreements whenever they can.
Even something as simple as the choice of e-mail address can affect the amount of spam an account receives. Since spammers send out millions of messages to probable name combinations at the largest ISPs and e-mail services, choosing an unusual combination or name can reduce the amount of opportunistic e-mails received.
Fighting the Botnets
Users also need to take steps to protect themselves from so-called "botnets." Hackers and spammers troll the Internet looking for computers that are not protected by up-to-date security software. When they find unprotected computers, they try to install malware that allows them to control the computers remotely.
Many thousands of these computers linked together make up a "botnet," a network used by spammers to send millions of e-mails at once. Millions of home computers are part of botnets. In fact, most spam is sent this way.
Users can reduce the likelihood that their device will be hijacked by a botnet by adopting good security practices and disconnecting from the Internet while away from the machine. Users should also be cautious when opening or downloading files from e-mails, even when sent by a friend or coworker. Likewise, users should always explain the nature of an e-mail attachment in the body of an e-mail when sending one themselves.
Posted: 2015-01-04 @ 4:47pm PT
We can't agree more. That's why we established Soodonims.com (disposable mail) for our internal SPAM issue. It proved so effective we offered it to others to use.
There are others to use as well, such as Spamgourmet and many others. Look around and find one that will a) shield your email address from view, and b) is easily disposed of if it becomes corrupt.