Differences

This shows you the differences between two versions of the page.

--- handling_suspicious_email_messages_and_spam [2016/09/19 10:53] – [Unsubscribing from marketing messages] formatting abrashear
+++ handling_suspicious_email_messages_and_spam [2017/02/10 09:51] – [Unsubscribing from marketing messages] Clarify content abrashear
@@ Line 1: / Line 1: @@
 ====== Handling Suspicious Email Messages and Spam ======
-The two best ways to reduce the amount of unwanted email in your inbox is to report spam messages and unsubscribe from mailing lists you are not interested in.
+The two best ways to reduce the amount of unwanted email in your inbox is to report spam messages and unsubscribe from mailing lists you are not interested in. Gmail can even automatically unsubscribe you from messages you mark as spam.
 The open nature of the global email system is a double-edged sword―by nature it allows any person or company to communicate with anyone else. The drawback is that sender's do not always have good intentions. When reading email, you should always question the sender's intentions. Consider the following when reading email (particularly unsolicited email):
@@ Line 7: / Line 7: @@
 ===== Is this email actually from who it says it is? =====
-  * Check the From address on the email. Messages from your bank should probably come from //[email protected]//, and not //[email protected]// or //[email protected]//.
+Malicious messages can come from anyone. It's very common for an attacker to hijack an account, and then use that account to send harmful messages to all of the contacts. Even if a message is from someone you know, be on alert if it seems unusual.
-  * Consider the body of the message. If you have communicated with this person before, is their grammar unusual? Is the formatting of the message odd? Is their spelling particularly poor?
+  * **Check the //From// address on the email.** Messages from your bank should probably come from //[email protected]//, and not //[email protected]// or //[email protected]//.
+  * **Consider the body of the message.** If you have communicated with this person before, is their grammar unusual? Is the formatting of the message odd? Is their spelling particularly poor? Are they asking you to do something unusual?
 ===== Is this message trying to get me to do something dangerous? =====
+Emails which attempt to persuade you to do something dangerous often use language which adds urgency so that you are more likely to suspend your suspicion and perform the action anyways. Vague messages which implore you to open some link or attachment are frequently malicious. Examples of dangerous actions are:
+  * **Providing usernames or passwords** — A common attack is to provide a link which looks like the login page to your email provider or other service. The attacker saves any password you submit, and uses it to hijack your account.
+  * **Transferring/receiving money** — There are many scams which encourage you to receive a sum of money and forward it to someone else. Through various methods, you'll end up losing all of the money to the scammer.
+  * **Visiting malicious links** — Malicious links may look like links to trusted websites, or be random webpages on the internet. If you aren't sure if a link is safe, err on the side of caution and do not open it.
+  * **Opening attachments** — Attackers may send attachments which can exploit vulnerabilities in software to harm your computer or hijack your accounts. Word documents, PDFs, and other Office documents are common vectors of exploitation.
-  * Examples would be: providing usernames or passwords, transferring money, visiting malicious links, or opening attachments.
+Naturally, if you never trusted any message or opened //any// attachment, email would not be very useful. Use your best judgement and if you feel a message is unsafe, you may want to report it as a phishing or spam. Reporting spam and phishing emails is good practice, because you will help Gmail reduce the amount of unwanted messages you receive. If a message is probably safe, but you do not want to receive any more message like it you may be able to unsubscribe from marketing messages from that sender.
-  * Emails which attempt to persuade you to do something dangerous often use language which adds urgency so that you are more likely to suspend your suspicion and perform the action anyways. Vague messages which implore you to open some link or attachment are frequently malicious.
-Naturally, if you never trusted any message or opened //any// attachment, email would not be very useful. Use your best judgement and if you feel a message is unsafe, you may want to report it as a phishing or spam email using the steps at the bottom of the message. Reporting spam and phishing emails is good practice, because you will help Gmail reduce the amount of unwanted messages you receive. If a message is probably safe, but you do not want to receive any more message like it you may be able to unsubscribe from marketing messages from that sender by viewing the instructions below.
-If ever you are not sure if a message is malicious or not, I am glad to have a look and help you determine how to handle them. In these cases, you will want to send the message with headers to <[email protected]> using the instructions below. I am especially interested in messages that appear to come from lasallehs.net that are marked as spam or are not marked as spam but seem like they should be.
+If ever you are not sure if a message is malicious or not, send the message with headers to <[email protected]> using the instructions below.
 ====== How to send a message with headers in Gmail ======
@@ Line 46: / Line 49: @@
 ===== Unsubscribing from marketing messages =====
-Often marketing messages will give you the option of unsubscribing from their list. If the "spam" message is from a company you've previously dealt with, you may want to remove yourself from their mailing list by unsubscribing. According to the [[https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003|CAN-SPAM Act]], email marketers are required to provide you with an option to unsubscribe from their messages. You should apply this method **only** to messages in your inbox. Messages in your spam folder are more likely to contain malicious links.
+Often marketing messages will give you the option of unsubscribing from their list. If the "spam" message is from a company you've previously dealt with, you may want to remove yourself from their mailing list by unsubscribing. According to the [[https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003|CAN-SPAM Act]], email marketers are required to provide you with an option to unsubscribe from their messages. You should apply this method **only** to messages in your inbox from companies you recognize. Messages in your spam folder are more likely to contain malicious links.
-Read the message and search for an //unsubscribe// or //update subscription// link—usually at the bottom of the mail. Visiting that link will allow you to opt out of future mailings from that company.
+It is always safest to mark messages as spam. Especially if:
-  * If you cannot find a way to unsubscribe, report the message as spam.
-  * If you unsubscribe from a company's mailings and continue to receive them, mark the messages as spam.
+  * You have never dealt with the company directly.
+  * If you cannot find a way to unsubscribe.
+  * If you unsubscribe from a company's mailings and continue to receive them.
+Read the message and search for an //unsubscribe// or //update subscription// link—usually at the bottom of the mail. Visiting that link will allow you to opt out of future mailings from that company.