We’ve all received it, even though spam filters have come a long way.
It’s the (thankfully) endless inbox alerts only to find that in between the real customers reaching out there are at least four more messages that are spam instead. Don’t get me wrong, a busy inbox is a good inbox but spam drives down productivity because now you have to filter through that to find the real client emails.
But it’s just harmless, even if annoying, right?
Spam does more than just drive down productivity. It can also harm your business. Although it could be fair to argue that loss of productivity also hurts your business, there are more direct ways it harms your business on top of that.
The worst it can do, if you click on any link within the spam email, social media DM, or even text message to your phone is install malware that can steal both your personal information stored on your device (whether that’s a computer or mobile device) as well as your client and customer information. I don’t think I need to say why that’s a bad thing.
The best practice is to not click (or tap, if on mobile) anything in the email, not even an unsubscribe link unless you can verify that the email or message came from a reliable mailer, such as Mailerlite or Mailchimp for example. Since spammers and scammers can create convincing copies, it’s generally best to delete the email and block the sender.
Some of you may be saying, “But what if this was something innocent?”
Let me be clear.
If you didn’t request the email or communication from the company or person and it’s aimed at selling you something or similar (ie: not a potential client), then it’s unsolicited and likely not innocent.
The bottom line is don’t put your data at risk.
The next issue that can arise from spam is, of course, phishing. This is just one example of the many issues, but I’m highlighting two of the worst for now.
Phishing is when a spammer/scammer poses as a legit business in order to “fish” for information they can use, which not only hurts your business directly by stealing, if you or an employee are tricked into believing them and give out vital information, such as financial information, but also your business’s public image if they then use your information to pose as you!
A popular way to do this, particularly to personal emails, is the email that appears to come from your bank. It uses images and formats the email as close as possible to appear to be from your bank. It even uses language similar to how the bank would communicate. Usually, the scam here relates to a “purchase” or similar transfer they need you to confirm, which includes a link that looks very similar to your bank’s sign-on page… and if used the scammer now has your sign-on information for your bank.
They do this to businesses as well, hoping that a busy business owner – rushed and harried by the day-to-day of running their business – will have lowered their guard enough to look into something out of the many possibly legit emails and nab the information that way.
Okay, so how do you get around that?
Again, don’t click that link.
What I do is I ignore those emails. I don’t even trust an incoming phone call most of the time because of the phone scams.
At the end of the day, I log into my bank on a secure browser and check for activity. I also have the app on my phone which alerts me to purchases and the like. If it doesn’t come from the app, it’s not legit. Text messages are deleted without opening, phone calls ignored. If I see an alert when I log into my account, I will reach out. If I happen to get a phone call, I hang up, wait around an hour and reach out to the bank by me calling the number on the back of my card.
We’ve all grown thick skins for unsolicited sales calls, telemarketers, and scammers on the phone. We need to do the same when it comes to emails and texts, no matter how legit the message looks.
A quick note before I end this…
I typically have my email set up to not automatically load images. I realized a few years ago that one of the easiest ways for a spammer, or even someone who is sending you a legit email, to know the email is “live” is to insert a tiny image, often no more than a pixel, into the email message. If your email is set to load images, the image is loaded and because it’s loaded from a remote location, that sender now can track that the email was read. That’s the most benign thing this can do.
So, what can you do to combat this?
Buy and use a good spam filter. Unless your business is enterprise level and has its own dedicated email server, most small businesses use Google Business (now called Google Workspace), Microsoft Office 365, and some have even jumped on board with Proton (my personal favourite). These all thankfully have built-in spam filters which can cut down on the spam, especially the worst of the worst.
Proton will even go one step further and not load images until you tell it to by default. You can set both Google and Microsoft to do the same, and Google has the added bonus of building Workspace on Gmail which also, to some extent, sorts your email into categories so that newsletters and promotional material usually (but not always) sorted into that tab.
You will still need a good deal of vigilance as some spam will slip through.
And remember, never click a link… and never respond. Like a telemarketer or scam call where it’s better to just hang up, it’s better to just delete that email.