Back to top

Spot and deal with spam email

Inexperienced computer users can find it hard to recognize when a spammer might have found a way into their inbox.

First order of defense is not revealing your email address publicly online. It's too late if you've had it published online before, it's already been picked up by spam bots. But since this is common, and spam filters are becoming more sophisticated you don't have to beat yourself up over it.

Second order of defense is being aware of the services you have registered an account with, and if you expect any emails from them. Very often spammers assume you have an account with a particular service, it's not uncommon to receive emails from banks or companies you've never even heard of! Services you are registered with and you do receive notifications from don't often change their email style and their schedule is predictable. Pay extra attention if you see anything out of ordinary!

The easiest way to verify it's spam is to check the From email domain, it often doesn't match the domain of the spoofed company, or the actual target location of a link or a button the spammer wants you to click. Hover over the link or button (without clicking!) and look at the lower left corner or the email application to see the target location. It will often be an address that isn't connected to the company, it might even be only an IP address of a server without a real domain name.

If you do stumble upon something suspicious, never click on the links or buttons inside the email!

The most malicious spam emails contain attachments. They are often .zip archives that contain an .exe file when uncompressed. When executing these files on Windows operating systems a virus or some other malware may be installed!

Never open attachments from spam emails!

Below are some examples spoofing well know brands that can teach you what to pay attention to if you suspect foul play. Notice how they can make a lot of parts seem legitimate, From name and email, Subject, email message design with the company logo, real company address, believable wording and believable link text with a suspicious target address. Where applicable I took the screenshot while hovering over a link/button to show the actual target address, which doesn't match the sender.

Spam email spoofing YouTube

Spam email spoofing LinkedIn

Spam email spoofing Craigslist

Spam email spoofing Viagra

Spam email spoofing Playboy

Spam email spoofing IMDB

Spam email spoofing Habbo Hotels

Spam email spoofing Foursquare

Spam email spoofing Facebook


Spam email spoofing Vimeo

Spam email spoofing mystery shopping

Spam email spoofing in Croatian

Spam email spoofing Google

Spam email spoofing FedEx