Spam vs Phishing: Everything You Need to Know

Unwanted emails are a nuisance, and no one wants to wade through piles of spam and promotional emails to get to what’s important. This is particularly crucial if you’re running a business and you don’t want your inbox to become clogged with unimportant messages.

Spam and phishing emails are both irritating, but one poses much more danger than the other. Spam emails are generally harmless, whereas phishing messages are sent with the intention of stealing private details and other sensitive data. It’s important to be able to identify spam and phishing emails, as well as the differences between them, so that you can stay safe online. With this in mind, read on for our ultimate guide to spam and phishing, including how to identify these emails, the potential dangers and how you can protect yourself.

What is spam?

Also known as junk mail, spam is an unsolicited message sent in bulk by email. Spam messages have been around for almost as long as the internet itself and by 2014, spam was thought to account for 90% of all email traffic.

Spam is defined as an email which the recipient has not given permission to receive and most spammers use tools to scan the web and harvest email addresses. If your email has been publicly posted anywhere, a spammer may be able to get hold of it. They then use these addresses to send out bulk emails to hundreds or thousands of people at a time.

Spam emails are annoying, but they’re not dangerous (from a data breach or virus point of view). Common types of spam emails include unwanted newsletters, chain letters, pyramid schemes, ‘get rich quick’ home schemes and adult content. Spam messages aren’t inherently malicious, but you should still avoid clicking on any links contained in the message and never give out any personal details.

What is phishing?

Spam emails are unwanted but harmless, whereas phishing mail is a fraudulent attempt to obtain sensitive personal information or data. Phishing messages are disguised as legitimate-looking messages from a trusted sender, such as your bank, insurance company or mobile network.

Phishing emails are designed to target an individual or company and get them to divulge sensitive information, such as passwords or banking details, or to transfer cash. The consequences can be devastating, including identity theft, stolen savings or hacking of sensitive data. Phishing emails can be general or more targeted (also known as ‘spear phishing’). Spear phishing involves sending targeted emails to certain individuals (usually employees at the same company) in order to try to gain access to the company’s mainframe or network.

How to identify a phishing email

Phishing emails can look legitimate at first glance, but there’ll often be some subtle differences that give them away. Signs of a phishing email include:

  • Misspelled words
  • A website address with one letter missing, or two letters swapped around
  • Discrepancies between the text of a link and the URL it directs you to
  • Requests for personal or protected information
  • Forms within the email
  • Highly charged language – e.g. ‘act now!’ or threats that an account will be deleted.

If an offer seems too good to be true or is suggesting you urgently need to update your passwords or log in information, chances are that it’s a phishing email. We will discuss how you can protect yourself against phishing and stay safe online in more detail below.
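The checks below turn three of the signs listed above (look-alike addresses, link text that differs from the real URL, and forms inside the message) into code. This is an added example, not part of the original article; the trusted domains, the sample message and the function names are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed values: the trusted domains are an assumption, the message is made up.
TRUSTED = {"examplebank.com", "example.org"}
SAMPLE = ('<a href="https://examplebnak.com/verify">www.examplebank.com</a>'
          '<form action="https://examplebnak.com/p"><input name="pw"></form>')
URLISH = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)

def one_edit_away(a, b):
    """True if a and b differ by one letter or by two adjacent letters swapped."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    i = 0
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1  # skip the common prefix
    return (a[i + 1:] == b[i + 1:] or a[i + 1:] == b[i:] or a[i:] == b[i + 1:]
            or (a[i:i + 2] == b[i:i + 2][::-1] and a[i + 2:] == b[i + 2:]))

def host_of(url):
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    return host[4:] if host.startswith("www.") else host

class LinkScan(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self.has_form, self.href, self.text = [], False, "", ""
    def handle_starttag(self, tag, attrs):
        self.has_form |= tag == "form"
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self.text += data  # reset at each <a>, so it holds the link's visible text
    def handle_endtag(self, tag):
        if tag == "a":
            self.links.append((self.href, self.text.strip()))

def phishing_signs(html):
    scan = LinkScan()
    scan.feed(html)
    signs = {"form"} if scan.has_form else set()
    for href, text in scan.links:
        target = host_of(href)
        if any(one_edit_away(target, t) for t in TRUSTED):
            signs.add("lookalike-domain")  # one letter off a trusted domain
        if URLISH.fullmatch(text) and host_of(text) != target:
            signs.add("link-text-mismatch")  # shown address differs from real one
    return signs
```

The mismatch check compares hosts exactly, so a genuine link whose visible text names the parent domain while the href points at a subdomain is also flagged and needs a manual look.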

How to protect yourself online

Phishing might sound alarming, but there are plenty of ways to protect yourself and ensure your information stays private. There are also steps you can take to keep your inbox clear of spam, so read on to find out more.

Educate yourself

One of the most effective things you can do is educate yourself about the common signs of phishing emails, like the ones listed above. Many people feel embarrassed if they’ve been the victim of a phishing scam, but perpetrators often go out of their way to make the messages look as legitimate as possible.

Knowing the subtle signs to look out for will ensure you stay alert and are less likely to mistake a phishing email for a genuine article.

Install anti-spam software

Anti-spam software is essential if you want to protect your inbox from spam or phishing emails. These software programmes effectively filter up to 99% of unwanted spam, preventing it from reaching your inbox in the first place.

They also offer professional protection against viruses, as these can be hidden within spam or phishing emails, or activated by clicking an unsafe link. Spam filters analyse each message that is sent to your inbox and any harmful files that are detected will be sent to a safe ‘quarantine zone’. Anti-spam software is particularly important if you’re running a business as it’s likely that your servers will hold a lot of sensitive information or customers’ details.

Choose the right passwords

Always use a different password for each of your accounts and ensure that they’re varied too. A combination of upper and lower case letters, numbers and symbols offers the most protection, as does a random combination of letters (as opposed to the name of a favourite pet or your mother’s maiden name).

If you’re worried about forgetting each unique password, use a secure password management system like LastPass. Password managers can generate strong passwords and store them in a secure, encrypted format for maximum protection.

Don’t click on suspicious links

Spam and phishing emails often contain links to a third party website or form asking you to fill in personal details. Never click on these links, unless you’re 100% sure they’re from a trusted source. You should also never open any attachments, and you should ignore any pop-up forms asking for your personal details.

Never give out personal information

Legitimate companies, agencies and organisations will never ask you for personal information via an unsecured email or pop-up screen. If you receive an email claiming to be from your bank, subscription service or bill provider, don’t give out any personal details if the email asks for them.

As mentioned, these emails often use emotive language to try and get you to comply, such as suggesting that your services will be cut off or your account will be shut down. Be alert and give the company a call if you’re in doubt.

Don’t open mail from unknown senders

It might sound obvious, but don’t open emails from unknown senders. In most cases these emails will go straight to your junk folder (or be filtered out if you have anti-spam software), but some can still slip through.

If in doubt, leave the message unopened and delete it straight away.

Report suspicious messages

If you’ve received a message you’re unsure about, you can also report it to the National Cyber Security Centre using the Suspicious Email Reporting Service (SERS). They’ll then analyse the email and take action if they believe it contains malicious activity.

This includes blocking the address the email came from (to prevent them sending further emails), working with hosting companies to remove links to malicious websites and raising awareness of commonly used scams and email templates.

Anti Spam Software for Businesses – From the Experts at MailCleaner

If you’re looking to protect your business from unwanted spam, get in touch with the experts at MailCleaner. Our anti-spam software offers professional protection against viruses and eliminates up to 99% of spam. We’re proud to offer a range of flexible packages to suit everyone, from small independent businesses, to larger corporations, governments, and schools and universities.

Our filters analyse each piece of mail you receive, and if a harmful file is detected, the software will automatically send it to a safe quarantined zone where it can’t cause any damage. We offer shared or virtual cloud-based solutions and the software can be installed in as little as 15 minutes, so give us a call today or visit our website to find out more.