If you use email, text/SMS messaging, or other messengers, you know the pain of spam. It wastes time, can deliver malware, and can give hackers access to your data and money. You may wonder, “Why am I getting so much spam? And what can I do about it?” Let’s dive into those questions.
Spam is the name for unsolicited “junk” messages received by email, text/SMS message, social media messaging system, or some other messaging system. Note that it’s not spelled SPAM (all caps) because it’s not an acronym.
Note: You can find other definitions in the Defending Digital Glossary.
You know that spam wastes time, because you need to evaluate messages to determine if they’re spam. No matter how good a spam filter is, some spam will get through. But there are other dangers to spam.
Spam can result in your device (computer, phone, or tablet) being infected by malware. Some spam messages include infected attachments. Other spam messages include links to infected websites, which deliver malware.
Spam can give hackers access to your accounts and data. A phishing message is a fraudulent message that attempts to steal info. For example, you may receive an email that appears to be from Microsoft, asking you to click a link to log into your Microsoft account. But the link actually points to a malicious website disguised to look like Microsoft’s site, which steals your login info as soon as you enter it. The hacker now has access to all the data in your Microsoft account.
It’s not just your data that hackers can get access to; they can also go after your money. For example, you may receive an email that appears to be from your bank, asking you to click a link to log in. But the link actually points to a malicious website disguised to look like your bank, which steals your login info as soon as you enter it. The hacker now has access to your bank account.
Why You’re Getting So Much Spam
Are you getting a lot of spam? You may be unwittingly inviting spammers to target you, if you’re doing the following things.
Are you using a small or relatively unknown email service provider? Not all spam-filtering is created equal, and small providers may not have the best spam-filtering technology. Or, they may charge you extra to have it.
Do you publicly post your email address or phone number on social media, forums, websites, etc.? Spammers use spambots (software) to harvest email addresses and phone numbers from the Internet.
Do you sign up for newsletters, or enter giveaways and contests? Companies may sell or give away your contact info to others, to market to you.
Do you click links in obvious spam? If so, you may be confirming to spammers that your address or number is owned by a live human.
Do you click the unsubscribe link in obvious spam, or text STOP to spam texts? This too can confirm your address to spammers.
Do you reply to obvious spam, asking the sender to stop contacting you? This too can confirm your address to spammers.
Unfortunately, these practices could be increasing the amount of spam you receive.
How to Increase Your Security
Let’s look at the steps you can take to reduce the amount of spam you receive in the future. Then, we’ll look at how to handle spam you’ve already received.
How to Prevent Future Spam
Giant email service providers, such as Google’s Gmail and Microsoft’s Outlook.com (and Hotmail) tend to have effective spam filters that let very little spam through. When possible, use a service with solid spam-filtering.
Don’t publicly post your email address or phone number, on social media, forums, websites, etc. If possible, completely avoid including your email address or phone number in profiles and websites. If you must include them, use the privacy settings to minimize the number of people who can see them.
If you have a website, don’t put your email address or phone number on it, if possible. It’s better to put a contact form on the website, which people can fill out to contact you.
As much as possible, avoid giving your email address or phone number to companies. If you must give an email address, consider setting up a separate “junk” email account to protect your main email address. You can also set up an Internet phone number using Google Voice or a similar service, to protect your main phone number.
Don’t click links in obvious spam.
Some websites will protect your email address by offering an email relay. Whenever a site offers a relay option when communicating with strangers, use it. For example, when you post on Craigslist, and someone views your post and clicks Reply to contact you, the email address they see looks like firstname.lastname@example.org. When the buyer emails that address, Craigslist routes the email to you. When you reply, the buyer sees your email address as something like email@example.com. This protects both parties from seeing each other’s email address.
You’ve seen emails that have an unsubscribe link at the bottom. You’ve received texts that say, “Reply STOP to opt out.” Will these options stop spam? Here’s the rule of thumb:
- If you recognize the sender’s address or number as a legitimate one, belonging to a legitimate organization, it should be safe to hit unsubscribe or reply STOP. If in doubt, simply mark as spam.
- For any other sender, simply mark as spam.
The same rule of thumb applies to replying to messages, asking them to stop contacting you.
In the next section, we’ll look at how to handle spam you’ve already received. Some of those steps will also reduce the amount of spam you receive in the future.
How to Report Spam You’ve Already Received
What should you do when you receive a spam message by email, text, or some other messenger? Most systems have an easy way to mark a message as spam or junk.
Depending on the system, this may create a rule on your device or within your account, and it may also be reported to the messaging platform so they can improve spam-filtering for all users.
Phishing is more dangerous than plain spam, because it tries to steal your information. Some systems have a special way to report phishing, and I recommend that you use it, to help protect others. For example, in Gmail, open a message and in the top right (next to the Reply button), click More (3 vertical dots), then Report phishing.
Usually, marking a message as spam and blocking the sender are two separate actions. Marking a message as spam doesn’t necessarily stop future messages from that sender, but blocking the sender does. Unfortunately, spammers often change the address or number they’re sending from.
Let’s look at how to report spam in a few popular platforms.
Report Spam in Gmail
If you’re using Gmail on the Web, when you’re looking at a list of emails, you can check the box next to the email, then click the Report spam button at the top of the screen.
If you’re using the Gmail app, select an email, then in the top right, tap More (3 vertical dots), then Report spam.
Report Spam in Outlook.com
Select the email, then, in the top toolbar, click Junk (or Spam), then Junk (or Spam). Learn more.
Report Spam in Android Messages
Touch and hold the conversation you want to report, then tap Block, then Report spam. Learn more.
Report Spam in Apple Messages
If you receive a message from someone who isn’t in your contacts, you can tap the Report Junk link under the message. Learn more.
Report Spam Text (SMS) Messages to Mobile Carriers
To report a spam text (SMS) message, select or copy the text message and send it to 7726 (SPAM). This works for AT&T, Verizon Wireless, T-Mobile, and Sprint.
Report Spam on Social Media
Here are instructions for reporting spam on various social media platforms.
To find others, search the Web for how report spam and the name of the platform. For example, how report spam Meetup.
- How to Recognize and Report Spam Text Messages (ftc.gov)
- How to Recognize and Avoid Phishing Scams (ftc.gov)
What You Should Do
- Use services with strong spam-filtering, whenever possible.
- Don’t publicly post your email address or phone number, on social media, forums, websites, etc. If you must include them, use privacy settings to minimize the number of people who can see them.
- Avoid giving your email address or phone number to companies, as much as possible. If you must, give a “junk” address or number.
- Don’t click links in obvious spam.
- Only use the unsubscribe link or text STOP if you recognize the sender’s address or number as a legitimate one, belonging to a legitimate organization. For any other sender, simply mark as spam.
- Mark spam messages as spam, to improve filtering for everyone.
- Mark phishing messages as phishing, to improve filtering for everyone.