15 years after the world united to crack down on spam emails, we’re still struggling with overloaded inboxes. All that unwanted email continues to flood the internet, much of it targeted to small businesses, and the impact goes wider than you might think. Here’s the full breakdown of how modern spam works and how it’s hurting your business.
What is spam? Generally speaking, spam is any unwanted message that lands in your email, comes via text, social media messaging, or other communication platforms. It might be sent to your main business account, eg your ‘contact us’ email, or directly to your employees. Most of the time, spam is annoying but relatively innocent messages from another business inviting you to buy/do/see something. They’re newsletters (!), reminders, invitations, sales pitches, etc. You may know the sender and have a previous relationship with them, or they might be a complete stranger. Occasionally, spam may even be part of a cyber attack.
Why you’re getting spammed. Maybe you or your employee signed up for a newsletter or bought a $1 raffle ticket to win a car. Perhaps you got onto the mailing list accidentally after enquiring about a product, not knowing that simply getting a brochure sent through would trigger a spam-avalanche. Often there’s fine print that says they’ll not only use your details to send you their marketing, but they’ll share your details with 3rd parties so they can send you messages too. That single email address can be passed around the internet like wildfire, and before you know it, you’re buried under spam. Sometimes, and more than we’d like to think, your details are found illicitly, perhaps through a hacked website for example, like the recent LinkedIn or Yahoo leak. More often though, your email is simply collected by a computer ‘scraping’ the internet – scouring forums and websites for plain text or linked emails and selling them as prime spam targets. It’s easy to see how individual office employees receive an average of 120 emails daily, over half of which are spam!
More than annoying. We all know spam is annoying, but did you know it’s also resource hungry? Your employees are spending hours each week sorting their email, assessing each one for relevance and deleting the spam. Too often, legitimate emails from clients and customers get caught up and are accidentally deleted. Add in the temptation to read the more interesting spam emails and productivity drops to zero. On the other side of the business, your email server might be dedicating storage and processing power to spam emails, occasionally to the point where inboxes get full and real mail is bouncing out. While most spam is simply an unwanted newsletter or sale notice, there’s also the risk that any links may be a cyber-attack in disguise. After all, one click is all it takes to open the door to viruses, ransomware, phishing or other security emergencies.
Spam is a HUGE vector for Infections. Past being just annoying and wasting your time, e-mail spam has become a very effective vector for spreading malware or otherwise stealing information. You may be aware that you shouldn’t open unsolicited attachments, but that is not the only way to cause problems. Lately, I have seen a lot of messages that contain no malware, and don’t even link to a virus. This way, they can’t even be caught by spam or virus scanners. What they do however is take you to a fake login site like Facebook or Google that then asks for your credentials to log in and see a shared document…These can look very convincing but DON’T FALL FOR IT!
Some other advice for avoiding spam:
- Business e-mail should NOT be a free service such as Hotmail, Yahoo, AOL, or even Google. Not only are they not as secure as most businesses need, those are known domains and regularly attacked and spammed. If you set up a custom domain (like littledogtech.com), you are instantly creating an address that is completely unknown and new. Spammers can’t send mail to a domain they don’t know about! Setting up a custom domain is not as hard or expensive as it used to be.
- Once you have that custom domain, format your business e-mail addresses to NOT have common names like ‘admin’ or ‘sales’ or ‘support’. These are easily guessed and added to lists. Also, include more than just the first name of your employees to make the address harder to guess. Use Robert.Johnson@company.com rather than firstname.lastname@example.org.
- Utilize a 3rd party mail filtering service to scan and categorize all mail for viruses or spammy content BEFORE it reaches your inbox. These systems can also filter out potential phishing messages by recognizing that something that may look like it is coming from a co-worker is not. Our clients that are on such a system enjoy GREATLY reduced spam in their inbox.