About

What is Spam?

Putting all tinned meat and canned laughter jokes aside in preparation; let's talk about spam. In plain English, the term spam refers to unsolicited messages, and spamming is the act of repeatedly sending said unsolicited messages in high quantities. Typically sent over the internet with the purpose of being disruptive, spreading malware, or (poorly) advertising products, spam is most commonly sent in email form, but can also be found on social media, forums, MMORPGs (Massively Multiplayer Online Role-Playing Games), and in search engine results.

Being able to recognize spam is crucial for maintaining digital security, so let's delve deeper into spam, its history, its risks and its consequences.

What exactly is computer spam?

Computer spam encompasses a wide range of messages that can be distributed virtually – specifically, messages sent in bulk. Spammers want to reach as many people as they possibly can, because in doing so they up their chances of someone taking the bait and engaging with whatever it is they're trying to push. Spam can range from annoying to genuinely dangerous, such as spam that contains malicious links to malware, or intends to scam the recipient.

How does it work?

Spammers will gather email addresses from across the web using harvesting tools. They can take email addresses from websites, forums, social media, or as a result of data leaks. Computers belonging to other people can be used to help spread the spam even further – infected computers can send spam without the owner's knowledge. Unfortunately, there are plenty of tools available to help would-be criminals to compose convincing spam messages and emails, and as a result people across the world are duped by spam every single day. In 2023, it's believed that just under half (45.6%) of all emails sent worldwide were spam.

At best, spam is a nuisance, and wastes people's time and energy when they're forced to sift through it to find genuine messages. At worst, spam can pose a serious security threat to both businesses and individuals – and can result in serious financial losses. The potential risk means that spam should always be taken seriously.

The history of spam

Spam has been around for as long as digital communication has been possible. Its moniker comes from a 1970 skit by British comedy troupe Monty Python, where the word spam is repeated over and over, in reference to the canned meat of the same name. In the sketch the word is overused so ridiculously that it became synonymous with pervasive, unwanted messages.

Between the 1970s and the 1990s, as users became more familiar with email, people quickly realized that sending mass messages was an easy way to reach a wider audience – much to the wider audience's annoyance. Email marketing and commercial advertising services quickly began to exploit channels of digital communication, with people advertising everything from product demonstrations (Gary Thurek in 1978, in the first ever recorded instance of spam) to legal services (lawyers Canter and Siegel in 1994, who spammed thousands of Usenet users).

As more and more people began to use email, spam evolved into a larger issue. Between 1990 and the early 2000s spamming technology became more advanced, and automated email harvesting tools meant that soon spam would account for a substantial portion of all email traffic. Internet security was not as well-informed as it is now, and soon people had no choice but to start introducing anti-spam laws to try and stem the flow of unwanted messages.

The legalities of spam

The CAN-SPAM act was enacted in 2003, setting guidelines for commercial emailing and giving people the right to stop businesses from contacting them. It became a requirement to tell recipients how they could opt out of receiving messages, and any single email found to be in violation of the act's criteria could be subject to a fine - potentially totaling thousands of pounds. Other countries soon followed suit and produced similar regulations, and email service providers began to implement filters and blacklists to detect and block spam.

As well as giving recipients the option to opt out, most spam laws also include:

  • A stipulation that the emails must not contain deceptive subject lines or any false information about the sender.
  • The need for the email to identify itself as an advertisement.
  • Provisions on consent.
  • Strict penalties for failing to comply with the regulations.

The evolution of spam

If you've spent any amount of time on the internet or own an email account, you'll know that spam is still a significant issue. The rise of social media and instant messaging platforms have provided spammers with multiple channels through which they can reach their targets. The methods they use have also advanced – but thankfully, so has the technology surrounding spam detection and prevention.

What are the different types of spam?

Focusing on messages sent across digital platforms only, here are some of the most common forms of spam:

  • Email – the most common form of spam. Unsolicited emails may contain legitimate advertisements for products or services; phishing scams designed to steal personal information; or malicious attachments that may infect your computer with malware should you open or download them.
  • Social media – in the form of direct messages, public comments, and fake profiles. Fake accounts may be made specifically to spread spam and scam the unwary, sending comments and messages containing links to unsecure websites. Repetitively posting promotional content for genuine products or services can also count as spam.
  • Instant messaging and SMS – one of the earliest forms of spam were chain messages sent via instant messaging platforms, urging users to forward them on – usually with a threat of dire repercussions if they chose not to.
  • Search engine (Spamdexing) - this involves manipulating search engine results by keyword stuffing; link farming; and cloaking. These are all tricks of the trade to promote websites and make them rank more highly in search results – but the result is the creation of lots of unnecessary, unhelpful spam pages.
  • Comment – comment spam can be a form of attack used on blogs, forums, videos or social media posts. As well as linking to malicious content, comments may simply aim to generate traffic, and the sheer quantity of them may obscure genuine comments and content as a result.

Spam vs phishing

Both spam and phishing involve sending unsolicited messages to connect with other internet users. While there is definitely overlap between what is considered spam and phishing, the main difference is what the senders hope to gain from the interaction.

With spam, the purpose is usually promotion - whether the products or services are legitimate or not may vary. The information is usually irrelevant to the recipient, and may be annoying and time-consuming to deal with. Most of the time spam wants to show you something and convince you to engage, not obviously ask something of you.

The purpose of phishing is to create messages that appear to be from legitimate sources, in order to trick the recipient into sharing personal information. This may be passwords, bank details and credit card numbers, or sensitive data pertaining to work. It's harder to discern phishing attempts from spam, as at first glance they may appear to be from service providers you use, or people you know.

How to identify spam

Even legitimate websites and businesspeople can be guilty of sending spam, so a dubious source isn't always a foolproof identifier. Here are some of the common indicators that the message or comment you have received is spam:

  • The message is unsolicited, you did nothing to prompt it, and you're not familiar with the sender or their services.
  • Whatever it is that is being offered seems too good to be true.
  • The message has a sense of urgency – the offer is limited, or highly sought-after, or only being offered to a select few etc.
  • It contains attachments or links that seem suspicious or out of context.
  • The language used to address you is generic e.g "dear customer."
  • There are grammatical errors and spelling mistakes.
  • The email address doesn't appear to be related to the business or subject matter.

If at first glance the email appears to be from someone you know, either an individual or a business, it's always best to contact that person directly. They'll either confirm that the message is genuine or prove that you were right to be suspicious. Either way, you've avoided being scammed.

Possible consequences of engaging with spam

Even when you're doing your best to be vigilant, there's always the chance of spam sneaking through the cracks and luring you in. Here are some of the things that can happen as a result:

  • An overflowing inbox. Annoying, but not catastrophic - if your email address is visible anywhere on the internet, you can guarantee that you'll receive spam. Failing to flag this spam, unsubscribe from mailing lists you believe to be spam, or engaging with this spam will only cause it to multiply.
  • Privacy breaches. A more serious side effect of the previous point; if your email address is being shared without your consent, chances are that the same may be happening with other personal information.
  • Identity theft. The final incarnation of the aforementioned points – providing spammers with any kind of personal information may result in identity theft.
  • Financial loss. Falling for spam scams, even those as simple as purchasing a mis-sold product or service, can result in monetary loss.
  • Viruses and malware infections. Interacting with the links and attachments found in spam may install malware on your computer without your knowledge. This is one of the many reasons for having antivirus protection installed on your computer.
  • Reputational damage. More of a concern for businesses or self-employed businesspeople, but having to admit that you've fallen victim to any kind of spam-related scam may damage customers' trust in you and your internet savviness.

How to prevent spam

Thankfully, when it comes to preventing spam, there are lots of different methods you can use. In fact, they work best when used in combination with each other.

Spam filters

Most email providers come with advanced spam filtering capabilities, and the majority of spam emails will be sent directly to your junk folder without you having to sift through them. Occasionally other mail can get lost in this folder, especially if it's from a legitimate but unfamiliar sender, so it's important to check through your junk folder every once in a while.

Guard your email

Try to avoid sharing your email publicly where possible. If it's shared on any websites, forums, social media, or used to log in to public Wi-Fi, it becomes easier for spammers to find. If you need to use an email to sign up to legitimate services but want to avoid receiving spam emails from them (and anyone they share your data with), consider making a separate email address for this purpose.

Exercise your right to unsubscribe

The number of mailing lists you're subscribed to can really rack up over time. Remembering to unsubscribe from the mailing lists you're no longer interested in can help to keep your inbox clear, and improve your chances of recognizing spam. Only follow the unsubscribe link in legitimate emails, as the links to spam emails may be malicious.

Stay informed

Take ownership over your online awareness and stay up to date with spam and phishing tactics. This will help you to recognize suspicious emails and enable you to verify genuine messages.

Report spam

Spam filters will only improve with your input - this is one of the reasons why it is vital to report any spam messages that you receive. Every time you report a spam email you're training your filters to better recognize their calling cards. By doing this you're not only protecting yourself and your computer, but helping to make the internet a safer place for all users.

Why am I getting spammed?

If you're following all of the above guidelines and spam is still finding its way into your inbox, there may be some reasons to blame that are outside of your control.

There are plenty of companies that sell their subscribers' email addresses to third parties. Any newsletters or contests you may have applied to with your email address could be responsible for your email making its way into the hands of spammers. Unfortunately, any instance where you have been asked to provide your email address could be a way for spammers to get ahold of your email. Once it's out there, the best thing you can do is make sure you have the appropriate filters and protection in place.

Can I get in trouble for sending spam?

Now you understand what is considered spam, it's easy to see how even sending mass messages with good intentions could technically qualify. If you or your business are found guilty of sending spam, it could result in your email address being blacklisted and your client base losing faith in you. Not only is spam illegal, but it's also unethical, as it uses the recipients' information and trust against them.

It's important to make sure any correspondence you send isn't in violation of the CAN-SPAM Act, or else run the risk of incurring hefty fines or even lawsuits.

Keep spam canned

Despite the best efforts of legislators and tech geniuses alike, spam isn't going anywhere any time soon. But, by taking steps to understand, identify and avoid falling for spam scams and phishing attempts, you can maintain your privacy and your digital security.

If you want to feel confident in the validity of what you'll find every time you go to your inbox, consider SUPERAntiSpyware Professional X Edition. Using software such as ours protects you from the malicious links, spyware, malware and viruses contained in spam by scanning your computer and removing anything harmful before it has a chance to spread.