Full Inbox: How spam is making a comeback

Spam is back. But this new spam is harder to deal with. Here are some tips to help.

by / September 9, 2013 0



Photo credit: Shutterstock/Copyright by Sven Hoppe

It’s Monday morning. After getting a cup of coffee, you log onto your network and bring up your work email. You quickly glance down at dozens of emails, seeing only a few that require attention. The list of topics may be intriguing, but most emails will be quickly deleted.

Do these email subjects / thoughts seem familiar?

“You’re confirmed for tomorrow’s seminar” – (But I never signed up for any seminar…)

“Ten must-use tech tips for virtualization” – (I’m sick of these tech tips from that magazine…)

“Can we chat this week?” – (I never should have connected with that salesperson on LinkedIn…)

“Top webcasts of the week…” (Who are those guys?)

“Stop wasting time…” (You could have helped by not sending this email…)

Even after over 90% of incoming emails are blocked via spam filters, my inbox still seems to fill up with unwanted email. We’ve got social media sites, magazines, vendors and more - all sending us more messages than ever. What can be done? Is there any hope to truly solve this problem?

While there are no easy fixes, there are some things we can do to unclutter our inboxes. But before we can fix the problem, we need to examine how we got into this new spam mess in the first place.

Help – my inbox is full again!

Perhaps you wonder why this spam problem is growing again for many people. Haven’t we already fixed this spam issue years ago?

The first challenge that everyone has, is defining what spam is. Most people think of spam as any email that they don’t want to see. However, one person’s spam is someone else’s must-read newsletter or great one-time offer.

But can’t the technology know (or learn) what I like? Yes and no.

Over the years, state-of-the-art spam filters have gotten pretty good at detecting and filtering out emails from unsolicited sources that somehow got your email address. (One look at your Gmail or Yahoo spam folder will likely demonstrate that many messages are already being sent off on a detour from your inbox.)

This spam detection is based on many technical factors – including the source address reputation, scale of email sent (number of messages), manual filters that the end user has put in place to block unwanted topics or people, etc.

However, in response, many “trusted” sources are sending more emails than ever to test the limits of our “relationship” with that source. New on the scene: Social network sites send us updates when people like our updates or posts. Also, magazines and news sites, which we subscribed to at some point in the past via an online sign-up process (or perhaps we didn’t uncheck a box), sell our email addresses to “partners.”

Emails from these “trusted” sources have an ever-growing number of ways to end up in our inboxes. What’s worse, trying to unsubscribe to some magazines or newsletters can occasionally bring even more unwanted email, since those sites don’t stop sending emails. Rather, they use your unsubscribe request as a further proof that you are a good email address to share. Sadly, it is often difficult to know what actually happens when requests are made to unsubscribe to listserves.

There are even stories of new spam techniques being used by “bad guys” to hide id theft. However, that topic is for another day.

A spam plan?

So what can be done?

First, unsubscribe to email updates from your social networking sites. Getting an email every time someone in LinkedIn or Facebook likes your post or picture will quickly fill up any inbox.

Second, use your company’s anti-spam tool to its fullest capability. Many anti-spam tools allow for email from certain senders or subject matters to be automatically sent to spam folders. Get training and make sure you know how to use the software to gain the upper-hand against spammers.

Third, you can follow some of these 25 most popular anti-spam tips, which can help at home and work. The list covers some great ideas. Still, the best way to not be spammed is to not give out your email address – which is difficult in government where our information is often publicly accessible via websites or Freedom of Information Act (FOIA) requests.

One last point. Some of those emails are also malicious. Spear-phishing remains a top challenge for governments and businesses around the world - so be extra careful opening emails and clicking on links from non-trusted sources. Even trusted sources can sometimes be a problem, if a friend forwards a bad link.

Bottom line, the solution is to develop a personal spam plan and stick with it - using the tips provided. 

Any stories to share on spam?


Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso