What is spam?
Contact us
Spam affects everyone
Anyone who uses the Internet will sooner or later come into contact with spam. In most cases, this is “just” advertising that is sent unsolicited. Sometimes, however, such emails can also cause immense damage, as they are based on fraudulent (or simply malicious) intentions. Companies in particular need to protect themselves, as data theft can quickly lead to high losses and reputational damage.
Definition: What is spam?
Spam (or junk mail) refers to unsolicited messages that are sent electronically. It is usually sent by email, but can also be sent via social networks, text messages or advertising banners. Junk mail accounts for an estimated 90 percent of global e-mail traffic. Most of this is advertising. The term “spam” is short for Stupid Pointless Annoying Message. This suggests a commercial or advertising nature, but this is not always the case: some spam emails contain malicious content and file attachments that can pose a risk to private individuals and companies.
It is characterized by the fact that the recipient has not previously consented to receiving the message. Junk mail is usually sent to a large number of recipients as part of mass mailings. The senders obtain the email addresses beforehand via purchased mailing lists, for example.
What types of spam are there?
Advertising spam
Special offers, counterfeit products at knock-down prices and advertisements for sexual enhancers: sooner or later, every inbox is infiltrated by dubious mailings of this kind. If the offer sounds too good to be true, it usually is. Mailings with proselytizing or racist content are also common, as are fake messages, e.g. about celebrity deaths.
Subscription traps
With this method, the recipient receives an invoice for a subscription that has supposedly been taken out. They are asked to pay, often stating that they are in arrears and only have a short time left to pay. This is intended to build up pressure in order to tempt the recipient to act quickly and recklessly.
This type of spam is particularly problematic when well-known companies such as popular streaming platforms are named as the supposed sender. If you have actually taken out a subscription with one of these providers, you are more likely to classify such junk mail as authentic and follow up on the request.
Phishing
In a phishing email, the recipient should either click on a malicious link or open a file in the attachment. This is how cyber criminals obtain personal data, e.g. by requesting account information. Trustworthy and well-known companies are often chosen as the supposed sender, including banks, health insurance companies or Microsoft support.
A typical trick: A spam mail claims that the bank account will be blocked unless the recipient enters their details via a link provided and thus verifies the account. A time limit is given (often 24 hours) within which the action must be carried out, otherwise the account will be blocked. The recipient then enters their data on the authentic-looking login page and forwards it directly to the cybercriminals.
Malware
Junk mails can contain malicious file attachments that infect a device with malware. The malware is often hidden in Word documents, PDFs or zip files, for example in a PDF invoice. When the invoice is opened, the malware installs itself on the recipient’s computer. There are various subclasses of malware:
- Ransomware: Malware that encrypts files or the entire device and only releases them in return for a ransom (“ransom”).
- Spyware: Spyware that records and forwards the recipient’s files, messages, conversations and online activities.
- Trojan: As with the ancient Trojan horse, the “enemy” is smuggled in covertly. In this case, it is a malicious program that deletes, modifies or blocks data and/or restricts overall system performance.
Where do spammers get their e-mail addresses from?
Criminal spammers often obtain their data from address traders or from the darknet. Data theft is also common, especially from large and well-known service providers whose email lists are correspondingly extensive.
In so-called harvesting, spambots search websites for email addresses that are publicly accessible. These could be found in contact information, forum posts, comments or other public areas. Sweepstakes are also popular, in which contact details are collected and then used for spam emails or sold on to third parties
Why is spam dangerous?
An important point in the risk assessment is that the mass mailing of spam messages is relatively cheap for cyber criminals. This means, for example, that not only selected companies but also private individuals are targeted by spammers.
Spam can also be very dangerous because it not only distributes unsolicited advertising, but is also sometimes used to install malicious software (malware) on the recipient’s device. This results in the theft of personal data and manipulation. Phishing emails also request sensitive data that can give cyber criminals quick access to their victims’ bank accounts, for example.
Sorting out spam is also time-consuming and therefore costly, especially for companies. There is also a risk that business emails will quickly get lost in the flood of spam. At the same time, inboxes become clogged and servers are unnecessarily overloaded.
How do you recognize spam?
Unknown sender
Unknown or suspicious e-mail addresses often indicate junk mail.
Unwanted content
Undesirable content such as advertising for questionable products, fraudulent offers or obscene content are typical.
No personal salutation
General salutations such as “Dear customer” or “Hello” are used instead of the personal name.
Unsolicited attachments or links
Unexpected attachments or links are often included. You are asked to disclose personal or sensitive information.
Spelling and grammatical errors
Spam emails can often contain spelling and grammatical errors. This will not usually be the case with authentic emails, e.g. from a bank.
Pressure to act quickly
Typical are urgent calls to action, e.g. a limited offer that is only available for a short time.
Missing deregistration option
Legitimate marketing emails usually contain an option to unsubscribe from the mailing list. If this option is missing, the email is probably junk mail.
Phishing attempts
Requests for personal information such as passwords, account information or social security numbers are often phishing attempts.
How do you protect yourself from spam?
Make an inquiry now