In this post you will find out how to use disposable addresses, obfuscation and other techniques to protect against the expected tsnami of spam headed for your email box in 2011.
Trend Micro reported 2010 was an active year both for spammers and anti-spammers. Some of the most common spamming techniques in 2010 were:
- Embedded images in messages were actually downloaded from URLs. Salad words were added at the end of the main mail body.
- Messages were made to resemble legitimate email messages from well-known sites such as Amazon but the link actually led to Canadian pharmacy sites.
- The messages’ body contained salad words while .ZIP file attachments contains an image that linked to a site where the actual content was located.
- Spammed messages with only one URL in the message body and very few or no other words.
- Using HTML tricks to make large numbers of salad words at the bottom of the email message invisible.
Here are a few threats Trend Micro predict will hit the big time—and not in a good way—in 2011:
- Social media attacks. When the gossip website Gawker’s commenting system was hacked, over a million commenters’ email addresses were released—many of them with their accompanying password as well
- Mobile hacks. The increasing popularity of third-party apps for mobile phones makes it that much easier for scammers to find their way onto a platform that already has a big red bull’s eye on it.
- The return of spam. Spam levels dropped late last year after the arrest of a suspected major spammer, but it probably won’t take long for them to creep up again. The spam we see in 2011 and beyond will likely come from botnets—massive groups of computers commandeered to send spam, unbeknownst to their owners—rather than from a single spam source. And the new spam may capitalize on URL-shortening services in order to disguise the general shadiness of their links. — To learn more Trend Micro 2011 Threat Predictions (PDF).
10 Ways to Protect Against Email Spam
- Be selective and protective and never sign up for an email address which is the same as your first name or last name – insert letters and numbers. But don’t choose numbers that reflect personally identiying information such as DOB, Social Security number, street address, telephone number, etc.
- Keep a private email address which you share only with close friends and family anf never use it on any site.
- To beat spammers, use a long email address consisting of more than one word and, preferably, word segments as well as numbers and an underscore.
- Create temporary disposable email accounts from among these providers and shield your real email address from prying eyes. Disposable Email Mailboxes: Beat Spam with a Temporary Email Address
- Don’t post your email address in “plain” clickable form anywhere on the Web. — Eluding Email Address Spam Bots
- Use a contact form and/or a guestbook on your website or blog instead of providing a contact email address.
- Don’t become a member of or use sites that demand access to your email contact list.
- Never ever use the email indicators that say “I’m on vacation” or similar settings. Configure email auto-reply to reply ONLY to those email recipients that you place in your contact list. Because if you configure your email program to auto-reply to all incoming email, including spam messages will also receive a reply.
- For worms to spread, social engineering is important, and a crucial point is that the malicious code appears to come from a friendly or even trusted source. —Ignore Delivery Failures of Messages You Did Not Send
- Some spammers add unsubscribe links to their email messages. Never ever use those links. If you do the spammer knows that the email address is valid. And, do not reply to spam emails, as doing that it tells the spammer that your email is valid and active. Once you validate your email address the spammer will more than likely sell your email to other spammers, hackers and or unethical 3rd party marketers.