Spam in general means any unsolicited emails or text messages which are sent out to a large number of recipients. It is usually aimed at promoting or advertising questionable products or services, but the worst thing is that spam emails are quite often infected with malware.
Spamming has reached incredible scales. According to Statista, the record high volume of spamming was estimated in July 2021 with 282.93 billion of junk emails. It makes more than 84% of a total amount of emails sent across the globe. The activity of spammers increased due to COVID-19 pandemic as well. Now it reaches an unbelievable 90% of the world’s email traffic.
Let’s get back to the origin of this term. The word “spam” actually had no negative connotation some 80 years ago, in the 40s. Spam was the brand name for canned food by the Hormel Foods Corporation, which produced meat rations for soldiers during World War II. Many items were left after the war, so spam canned food appeared in aggressive advertisements literally everywhere for selling them before the expiry date. When annoying bulk mailings appeared, it reminded users of the omnipresent spam ads, so this word couldn’t suit better.
Sometimes spam emails are written very skillfully so that you fail to identify them just at once. However, there are certain features that will help you recognize even the most outstanding spam masterpieces. Let’s check them out.
If you pay attention to the details below, you will see the unwanted guests in your inbox even by a quick glance.
Spam emails clutter up your inbox at best, if they fail to bring real damage. The motives may be different, but spam is mostly aimed at stealing money or personal data through malicious links or attachments. According to Sift Q1 2021 Trust & Safety Index, there was a 600% increase in email malware attacks in 2020 compared to 2019. Spam, as part of the email security problem, remains a challenging issue. Therefore, Greathorn 2021 Email Security Benchmark Report even named email security as the top IT security project of 2021.
The attempts to fight spam result in situations where good emails get marked as spam and fail to reach the recipients. This is the other side of the medal, since getting emails to the inbox is an essential part for email marketers. Mail services have worked out sophisticated anti-spam solutions, which is fair for users’ comfort, but marketers need to take them into account while planning a campaign. Why? The answer is simple: security systems are smart, but not enough to detect legitimate senders and spammers without faults. Therefore, even one simple mistake may be regarded as a spam attribute and undermine your email campaign.
Here is a checklist to keep your emails out of a spam folder:
According to the US CAN-SPAM Act, commercial messages are defined as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service”. So, even if you announce the launch of a new product in an email, it will be regarded as a commercial message. Thus, you should strictly comply with all the legal requirements to avoid a spam label.
It has already become a spam classic: an urgent warning that your computer was infected with a very dangerous virus, and the only thing that can help is to click the link with the necessary “software”. Usually, it is an obvious fake, but sometimes such emails look reliable for a recipient, for example, when the sender is allegedly an antivirus provider. Look at this screenshot:
This fake alert looks very authentic, however, exclamation marks, capslock and “a final notification” might warn the user.
Email spoofing is a technique that was used in the example above – the aim is to make a user think that a message came from a reliable or familiar sender. A spoofed email looks legitimate: though the address may be forged, the mail body contains a logo and other corporate identity elements. The ultimate goal of email spoofing is to deliver an injurious message or software. The attackers want to make a user open the email, and preferably respond to a message (provide a password, credit card number) or click a malware link. Spoofing often serves as a part of a phishing attack, which we will discuss in the next block.
Another spam classic: a joyful notification about your alleged winning a lottery, a game, sweepstakes, etc. You should hurry up to take your prize, for example, by clicking a dangerous link or submitting sensitive personal data. Any promises of free money or prizes should be dismissed.
This is the most brutal type of spam email. There is always a story behind it: a fantastic crime story (like in the example below), or a shameless begging to help a child who is allegedly suffering from a disease. Always double-check this information.
Spam emails do not necessarily contain malware, as we may see, it may be unwanted ads, newsletters, coupons, adult content, or any other unsolicited information that clutter up your inbox.
Unlike that, phishing is a type of a cyberattack that is designed at acquiring sensitive information. Email phishing may look legitimate through spoofing, but the content will definitely have a request to fill in a form, share personal data, click a link, etc. The general recommendations are the same as with detecting spam: always pay attention to spelling, language style, the address and the links attached.
Generally speaking, once you share your email somewhere, you are unable to control it further. The address may be added to some particular database or just sold. Here are some scenarios that may end up with you getting spam:
We could have recommended not to do the things mentioned in the previous paragraph, but this is obviously impossible. Therefore, try to follow these recommendations that will help to reduce spam:
Governments across the globe fight with spammers at the legislative level. Let’s check out the legal requirements in different countries, paying the punishments – the sums are quite impressive.
Since January 2004, the federal law CAN-SPAM Act (the Controlling the Assault of Non-Solicited Pornography And Marketing Act) has been in effect in the United States. It regulates the rules for sending advertising emails and also establishes liability for spammers.
The CAN-SPAM Act contains several basic provisions which have become universal email marketing standards. To put it briefly:
So, the CAN-SPAM applies not only to spammers but to all commercial emails. The only exception is transactional” or “relationship” messages.
The punishment is tough: according to FTC, each separate email violating the CAN-SPAM Act is subject to penalties of up to $43,7928.
The Privacy and Electronic Communications (EC Directive) Regulations 2003 is the anti-spam policy in the UK. Its principal point is that all the direct marketing messages can be sent only upon permission from the recipient and only in case of a previously established relationship. Also, the identity of the sender should be clear, and an unsubscription option should be visible and simple.
The violation of the legal requirements in the UK can result in a fine of up to £5 000 ($6 699) and even criminal prosecution.
Canada’s anti-spam legislation (CASL) is the federal law dealing with spam and other electronic communication means. It took into effect in 2014. CASL establishes the definition of CEM, which is any electronic message that encourages participation in a commercial activity. As well as in the UK, the document requires Canadian and global organizations that send CEMs to receive consent from recipients before sending out messages. In order to protect users, their consent is valid only if your request has a clear description of the proposed content, detailed contact information, and an opt-out option.
The penalties for violation impress: the fines under CASL are up to $1 million per violation for individuals and $10 million for companies.
The Spam Act 2003 and the Spam Regulations set out responsibilities for spamming under Australian law. Its main features are familiar: before sending emails you should get permission, clearly identify you as the sender and provide an easy unsubscribe option for recipients. Note: it is illegal to use or supply address-harvesting software.
The fines are also severe – up to $400 per email that does not comply with the legislation.
Europe’s long-planned data privacy and security law – the General Data Protection Regulation (GDPR) – came into effect in May 2018. This is the core of the EU digital privacy legislation which is applicable in all the countries of the block. Under this act, any organization dealing with personal data from the EU is obliged to comply with the GDPR.
Concerning anti-spam policy, there are basic points that are common for other jurisdictions as well:
The GDPR is the toughest privacy and security law in the world: the penalties for violations are up to $20 million or up to 4% of an entity’s total global turnover in the preceding year.
The spam folder is a problem for all the parties involved: a user, a business, and an email marketer. Fraud victims lose money or get their computers infected; clients receive no information about you since your emails end up as spam. Moreover, there can be serious consequences: domain disconnection, lawsuits and fines.
First, think of your own digital security and beware of spammers:
At the same time, every company’s email has a chance to be labeled as spam. But it doesn’t mean that you should give up: follow our tips to do everything right. Check out these factors: