I hate spam. You hate spam. We all hate spam. It clogs your inbox. It
insults your intelligence or sensibilities. It wastes your time. Today,
I am not talking about what the spammers send or why they send it. I
think most people know why they send it. This is about how it finds you,
in the first place.
Generally, there are four reasons:
1) Your website
2) Someone you know has a computer virus
3) "Dictionary" spam
The number one place your email address is harvested from, is your
website (this also applies, of course, to anytime your email address
appears on ANYONE’S website, not JUST yours.) Chances are you have (or
have had) your email address on your website, in the hopes of generating
business. While it was a noble gesture, it’s likely the email address
harvester spiders ruined it for you.
If you still do have your email address posted on your website, you
should consider obfuscating it, or better yet, replace it with a
"contact us" form. You can even have a form that gives your visitor a
choice as to whom to contact, if that helps direct traffic. The other
upside to a form is that you can make sure you receive certain
information from a sender. This is when you use "required" fields. Make
sure to have good error messages when something goes wrong. Error
checking goes a long way.
You should make sure you have a "confirm" email (or other critical)
field option, so it will cut down on typos as they have to match. You
can also put graphics of numbers or letters on your form that someone has to type in a field
to make sure they are humans submitting the form and not automated email
address harvesters. This is known as CAPTCHA. It’s very easy to
implement. If you have never seen it, take a look at the comments section at the bottom of this page.
If you do move to a form-based contact system (Total Hosting has these built into your control panel), you should also change
the email addresses for everyone involved. Instead of "fred@" make it
"fred.flintstone@" or something else. Then wean your contacts off by
sending everything to them from your new account. Attach vcards, and put
a notice in your signature file, so your legitimate contacts can update
their email address books. Then, put autoresponders on the old accounts,
alerting people to the new addresses (written out like "fred dot
flintstone at mydomain dot com") so that anyone you legitimately want to
hear from will get the idea. Hopefully the spammers will not.
Eventually you should shut off the old account as it will fill up with spam over time.
2) If the spam is coming from an address you recognize, then try to
alert them so that they can run some antivirus on their computer. Keep in mind that spam viruses try to trick you by using fake addresses when they send spam so it may not have really been from your someone you know at all, even though it may appear that way.
3) Sometimes the spammers will just send out blasts to common words and
names. So if your email address is "sales@" or "fred@" it will be very
easy for the spammers just to guess. Like above, consider moving to a
more specific email address system. "fred.j.flintstone@" is much less
likely to get hit with random spam than simply "fred@." Instead of
"sales" make it "salesteam" or "domesticsales." Again, how you exactly
wean people off the old account is up to you and your levels of email
activity. Power users may want to run concurrent accounts for a while,
still trying to move people away from the old address.
4) If you ever get a piece of spam, DO NOT CLICK ON ANYTHING in the
email. Do NOT "CLICK HERE" to try get them to remove you. All you are
doing is letting them know you are there. They will not honor the
request. They are spammers after all.
Often using the "CLICK HERE" to be removed link will increase the amount of spam you receive because you have confirmed that a human has read the message. This makes your address more valuable to the spammer.
Now, don’t confuse "spam" with 3rd party mailers from companies you have
done business with. If you subscribe to any newsletters or magazines,
make sure you opt out from getting emails from "partners," if you want.
If it’s an email solicitation from a legitimate company, then they will
most likely honor your request to removed from future mailings.
I tend to personally distinguish between businesses trying to
legitimately leverage email (through use of third-party senders like
Constant Contact or other similar services and based on my own
subscriptions to newsletters and account set-ups) and the "spammer" who
is just annoying me with untargeted, or simply obscene, emails.
If you ever get an email that you think is legitimate, do not click on any links. Look for signs that the
URL may be fraudulent. Directly type into your browser the name of the website you want to go to or try doing a search for just the domain name. Often the worst kind of spammer, known as phishers, will send emails claiming to be from your bank or credit card company. These emails look very real and contain links to websites that may look exactly like the bank website. My advice would be to NEVER click on a link in any email to take you to your bank or credit card company website. Always type the name of the website directly into your web browser.
There are some other things you can do, to help reduce spam.
1) Use a good anti-virus program at home. I personally recommend Symantec Norton 360. It has anti-virus, spam filters, a firewall, a backup program, and a phishing filter for your web browser (IE only at this time).
2) Use the filters that come with your web hosting plan. Total Hosting screens all email and filters out the majority of spam and viruses. You can fine tune these settings for each mailbox via your control panel.
3) Set-up whitelists/graylists. They are a pain, but once set-up, it
certainly keeps your in box clean. Make sure to set yours up so that
anyone you send a first email to, is automatically added to your white
list. And if you subscribe to any newsletters, or do any ecommerce or
send an email from a form, where you expect a receipt or reply, manually
add those domains to your list, so they get through to you.
4) Get browser plug-ins. Internet Explorer and Firefox both have built in Phishing filters. Make sure they are turned on. If your current browser of choice does not have
any plug-in/customization options, consider switching to something like
Firefox. You can get lots of tools to make your surfing safer and more