- Service: IT Security Outreach and Training
Most of us have received unsolicited email at one time or another. Most of the time, we just delete the message and get on with our lives. However, there may be times when some of the content of this email is so offensive or so obviously an illegal scam that we ask ourselves, "How do these people get my address, and what can I do to stop this?"
Good question. Let's first examine how spammers may get your address.
How do spammers and marketers get my address?
- Usenet groups (also known as newsgroups, bulletin boards or discussion groups): When you post to these discussion groups, your email address is included. This information is readily available and collected by advertisers.
- Websites: If your email is listed on a website, advertisers will use scanners, also known as "harvesters," to collect your address along with others.
- Download sites: Often, when you download a piece of software from a legitimate business, they ask for your personal information, including your email address. Sometimes these sites will share their mailing lists with other companies or sell them to other businesses.
- Your friends: How many times have you read a joke and forwarded it to a group of friends? If the joke really is funny (or more often, if it's a bad joke), those friends probably share it with others. Eventually, an advertiser may get in the loop and grab all those legitimate addresses for its database.
So what can I do?
- Never give out your legitimate email address.
- Use a bogus email address when asked for an email address by a discussion group or vendor.
- If a vendor will not allow you to download a piece of software without first submitting an email address, again, give a bogus address.
- If you are required to post an email address on a website, use a different email address. Consider creating one specifically for that site. You can also use a free email address provided by a third-party service such as Yahoo or Hotmail.
- If a vendor you do business with provides you with the option of being removed from their mailing list, do it. Usually you will be instructed to put "Remove" in the subject header of a reply email.
- If you do not know the vendor, never reply! This is usually a ruse; even if they include a "Remove" option on the solicitation, it's still usually a ruse. They want to find out if you are a legitimate respondent, and you will receive more solicitations if you respond.
The "Reply-To" address is often bogus, anyway. If you really want to find out where the email originates, you need to analyze the email header. There is help: The page published at http://www.arclab.com/en/amlc/how-to-read-and-analyze-the-email-header-fields-spf-dkim.html can help explain the message header, or you can use the header analysis tool from MXToolbox to analyze your message header. When you find out the real domain name, contact the ISP to notify them of any scams or abuse of their customers. Be warned, however: Many of the ISPs these spammers use are overseas, and they couldn't care less what their U.S. victims think.
- If there's a chance that a spam email is also a phishing attempt, be sure to click on the Phish Alarm button from within your email. For more information, go to the page "What is Phish Alarm?"
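The header analysis described above can also be done by hand. The following is an added example, not part of the original page: a short Python script that reads a raw header block, finds the earliest relay recorded in the Received lines, compares the From, Reply-To and Return-Path domains, and pulls out the SPF and DKIM results. The sample message, host names and addresses are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample header block; every host name and address is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.university.example (mx.university.example [192.0.2.10])
    by mailstore.university.example with ESMTP id A1; Mon, 01 Jan 2024 10:00:05 -0800
Received: from relay.example.net (relay.example.net [198.51.100.7])
    by mx.university.example with ESMTP id B2; Mon, 01 Jan 2024 10:00:03 -0800
Authentication-Results: mx.university.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Prize Office" <winner@bank.example.com>
Reply-To: claims@freemail.example.org
Subject: You have won

Body text.
"""

def domain(value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def analyze(raw):
    msg = message_from_string(raw)
    received = msg.get_all("Received", [])
    # Each relay prepends its own Received line, so the last one is the
    # earliest hop. Only lines written by your own mail server are reliable;
    # anything below them can be forged by the sender.
    origin = received[-1] if received else ""
    m = re.search(r"from\s+(\S+)\s+\(.*?\[(?:IPv6:)?([0-9a-fA-F.:]+)\]", origin, re.S)
    auth = " ".join(msg.get_all("Authentication-Results", []))
    doms = {h: domain(msg.get(h)) for h in ("From", "Reply-To", "Return-Path")}
    return {
        "origin_host": m.group(1) if m else None,
        "origin_ip": m.group(2) if m else None,
        "domains": doms,
        # spf/dkim/dmarc verdicts as recorded by the receiving server
        "auth": dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth)),
        # Replies going to a different domain than the visible sender is a
        # common sign that the From address is not the real contact point.
        "reply_to_mismatch": bool(doms["Reply-To"]) and doms["Reply-To"] != doms["From"],
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

The origin host or IP address is what you would look up to identify the ISP to contact; a failed SPF result together with mismatched domains supports reporting the message.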
Why can't the email administrator filter out these spammers?
The answer is that we can and do filter out most potential spam, using a filter that allows users to receive all the emails sent to them. We use this filter because the University of California Office of the President (UCOP) has an official Electronic Communications Policy stating the University's intent to not be an arbiter of the content in electronic communications. As a result, each user can see everything sent to him or her and make the decision to receive it or not. When the choice is "not," we can then filter it out.