Spam emails have been a problem since the concept of email was invented. The world found a new way to communicate, and malicious actors found a new way to find victims.
Spammers now send out millions of emails at a time. The result is wasted time and a potential security risk for all email users. Spam filters are designed to prevent this activity. Unfortunately, this doesn’t always happen.
So how exactly do spam filters work?
Why Is Spam a Problem?
The most obvious issue with spam is that it is irritating. Email is supposed to be convenient, and there’s nothing convenient about scrolling through rubbish every time you log in.
Many spam emails, however, are more than a nuisance. Most reputable companies don’t use spam. This means that the vast majority of it comes from criminals hoping to trick you into doing something.
Spam is used to promote:
- Phishing pages: These websites appear legitimate but are actually designed to steal account information.
- Malware: Many spam emails have malicious attachments such as malware, spyware, and adware.
- Scams: All sorts of online scams start with random emails. It’s considered the cheapest way of finding victims.
How Do Spam Filters Work?
Email providers spend a lot of time trying to prevent spam. It is a highly competitive industry, and the ability to prevent spam is an important differentiator. Spam filters can roughly be divided into five distinct types.
Content Filters
All spam emails are designed to convince the recipient to do something. Most, therefore, include the same selection of keywords. Popular keywords that indicate spam include those associated with spending money and those that deal with human emotions.
Content filters are designed to block any email that uses these words too frequently. Obviously, legitimate emails have these words also, so a content filter alone is not sufficient.
Blacklist Filters
Blacklist filters block email addresses known to be used for spam purposes. Blacklist filters are easy to get around by constantly using different email addresses. As a result, the blacklists are constantly being updated.
This causes a race where criminals are always trying to use new addresses faster than they are blacklisted. If emails are sent out in batches of a million, it’s easy for many to get through.
Blacklist filters are also used to block other types of unwanted emails. For example, they may be used to block emails from a specific company.
All emails contain headers. The header is a code snippet that includes information about the email, such as the IP address of the sender. Header filters use this information to decide if an email is suspicious.
For example, a header might indicate that a particular email has been sent to a large batch of people. Or it might show that an email was routed through a server known to be associated with spam.
Rule-Based Filters
Rule-based filters allow you to decide what is considered spam. For example, if you notice that your spam emails always contain certain keywords, you can opt to delete any email that contains them automatically.
Rule-based filters can also be used to remove emails from specific senders. For example, if you cannot opt-out of promotional emails, a rule-based filter can delete them instead.
Bayesian Filters
Bayesian filters are designed to learn from your behavior. Every time you mark an email as spam, a bayesian filter can record your preference and delete all subsequent emails that are similar.
Bayesian filters are useful because some spam will still get through regardless of how good your email is. This type of filter ensures that a specific sender only gets through once.
Why Don’t Spam Filters Always Work?
Spam is an ongoing problem because the people who send it are always looking for new ways to get through. Every time a technique or address stops working, they just try something else.
Spam is also very cheap to send, so criminals have no problem with a high percentage of their emails being discarded. This means that it will continue to arrive until people stop opening spam. It only takes a few “hits” to compensate for the spam network, many of which are intertwined with other criminal activities.
It’s also worth noting that the spam that you do receive is only a small percentage of what was sent.
How to Reduce Spam
If you’re receiving a lot of spam, there are a number of ways that you can reduce it.
Don’t Unsubscribe
If a reputable company sends you spam, they will usually stop if you unsubscribe. However, if you receive a malicious email, it shouldn’t be interacted with in any way. When you unsubscribe to a cybercriminal, you are actually telling them that you have an active email address.
Mark Spam Emails as Spam
The performance of bayesian filters is obviously dependent on your input. For example, every time you mark an email as spam, you are teaching the filter to discard similar emails in the future.
Set Up Rule-Based Filters
Many email providers have powerful rule-based filters, but they don’t actually work until you customize them. Therefore, a lot of spam can be prevented by reading your spam, making a list of common phrases, and adding each one to your filter.
Use Your Own Filter
If you’re not happy with how your email provider handles spam, you can also use your own filter. Spam filters are widely available as free and premium software products. Many also have added functionality, such as the ability to send customized responses.
Stop Providing Your Email Address
Every time you provide your email address online, you give the recipient the chance to send spam. Unfortunately, spam also happens because otherwise reputable companies have been hacked, and your email address has been sold. The easiest way to prevent spam is to keep your address as private as possible.
Don’t Trust Any Anonymous Emails
Spam emails are irritating and potentially dangerous. Unfortunately, regardless of how many filters your email provider uses, the occasional rogue email is unavoidable.
It’s worth noting that some spam emails are profitable precisely because they appear legitimate. Before following email instructions of any kind, it’s therefore important to check the sender.
Read Next
About The Author