How to Defend the Email Inbox

-

 everyone knows what email is, and most people, are also members of email lists too. Unfortunately, everyone also knows about SPAM, but not everyone knows how to defend the email inbox

A computer screen with 999 unread messages
Can Spam Act 2003

    In an effort to curtail  SPAM, the CAN-SPAM act 2003, enacted by Congress, was passed to defend your email inbox.  That’s over 19 years ago, and no revisions.  It was and is an effective method to limit unwanted messages: but as a law, it did not address the technical obstacles and fundamental problems that remain; therefore, SPAM continues to be delivered to inboxes.

SPAM, being annoying, misleading, and costly was the catalyst that spurred email authentication.  Email authentication is the process by which an ISP can verify the identity of the email sender.

Email authentication started around 2004 with SPF.  This was developed in response to SPAMMERS using forged email addresses (also known as spoofing) to get their messages delivered.

Today, SPF continues to be one way to defend the email inbox.  Other email authentication tools were developed also, which include DMARC, DKIM, and BIMI.  However, none of these tools are 100% effective when it comes to SPAM. 

Regardless of proper protocols in place, the SPAMMERS are non-stop.  They continue to send spoofed emails, pretending to be someone they are not.  Most commonly spoofed email is known as phishing.

What does phishing catch?

Phishing catches your data.  One of their goals is to obtain your private, or sensitive information.  They do this by falsifying their identity, pretending to be someone you know, doing business with, or from a reputable, legitimate organization.  If they are successful, you may become another victim of identity theft.

Victims of phishing are also prime targets for malware and ransomware distribution.  This is done by inviting the victim to click a link or download a file, which can install malicious software on your computer.  To avoid being spoofed it’s always a good idea to verify the real sender. Defend your email inbox by:

  1. Reviewing the email headers.
  2. Read the FROM address associated with the organization: i.e. is the email from a Gmail account when the Subject states, they are from Microsoft?
  3. Hovering over the link (for example) with your mouse and read the URL that link will take you to. Is the link really from paypal.com or some foreign address?
  4. Call the organization and ask them if they sent an email.
  5. Deleting the email if you’re in doubt.

SPAMMERS or email hackers are very successful, be proactive in defending your inbox.

The art of Spear Phishing

Spear phishing is a direct attack on an individual or on a group of people who work in the same organization, field, or industry.  This type of attack plays on the recipient’s character and level of trust.  This type of assault tries to trick the email recipient into performing an action, based on their “trust” for the sender. 

For example, the phisher sends an email to a group of office workers in the same organization from the “accounting department” with a request to review changes that affect their direct deposit account: The message may include a fake routing and checking account number, asking the victims to reply with okay if the information is correct or follow a link to change the information. Unknowingly some may never question this email and reply with their account numbers.

A whale of a story

Whaling is another type of spear phishing.  This type o attack involves email aimed at a big fish: such as the high-level executive, or the person who has access to payroll, or financials.

It is similar to spear phishing, as this type of attack is based on the misguided trust of the sender.  These types of emails require more time and patience on the email hackers' end, as they need to collect information about the victim, and use this information to craft just the right targeted email so it seems legitimate.  

Tools of the trade for the phisher include Social Media accounts, company-posted profiles, public records, career history, a simple search of the victim’s name, and paid-for background reports.  Data breaches can reveal passwords, commonly sold on the dark web as is other personal and private information.   

 

Is it possible to defend your email inbox?          

Whoever we choose for an email provider the majority of domains have a solid email authentication requirement.  The result is less SPAM from those messages without authentication.

 However, phishing remains a problem. Like any software program, email spammers continue to update their attack methods to bypass email defenses. and hacks. Even with email security and authentication protocols, the next best defense to defend your inbox is phishing awareness education. 

Questions about email list services and email authentication?  Ask Dundee.

Comments

Post a Comment

Popular posts from this blog

Revolutionizing Group Communication: How DiscussionListServices.com Leads the Wa

-
Image
  Tammy runs a nonprofit organization and there is so much to do. It’s a position that comes with its fair share of challenges and rewards. Managing a nonprofit means wearing multiple hats, including organizing events to coordinating volunteers and everything in between. With so many tasks and conversations happening across various groups, it's no wonder Tammy finds it hard to keep up. Was it Amy who said she would work with the kids on Wednesday and bring chairs, or was it crayons? And the weekend brunch—was it scheduled for 12 PM at 1 Main Street or 1 PM at 12 Main Street? YIKES!  Amidst the clutter of apps , digital reminders, and calendars, the details do get lost. Lost details lead to confusion and miscommunication. Overworked and stretched thin, Tammy needs a solution that simplifies communication without demanding more of her limited time. This is a common scenario for many nonprofit leaders, and the solution lies in effective communication tools. This is where group email o
Read more

Holiday Email Marketing Tips for Nonprofits for multiple List users under One Domain

-
Image
The holiday season is a crucial time for nonprofit organizations to connect with supporters, donors, and volunteers. This creates the need to manage and communicate with several groups . Groups such as donors, event attendees, and volunteers need to hear from you, and email is the easiest way to connect with them. Segmenting email lists into specific groups (for example) or paying for several different lists is a drain on needed resources. The ability to create lists on the fly, both for announcement and discussions , is the ideal solution. Dundee Internet offers Virtual List Hosting which allows your organization to create unlimited lists, when you need them. All list types are supported, newsletters, discussions and announcements We keep communication organized and professional. Here’s a streamlined guide to holiday email success using virtual list hosting:   Segment with Purpose : Use virtual list hosting to create separate lists for major donor groups, regular support
Read more

Modern Uses for RSS Feeds on Your Website

-
Image
    Despite the rise of social media and other content distribution methods, RSS (Really Simple Syndication) feeds remain a powerful tool for sharing and organizing information. Here are some innovative ways you can leverage RSS feeds to enhance your website’s visibility and user engagement:  1. Content Syndication & Cross-Promotion RSS feeds allow your content to be easily shared on other platforms, websites, or apps that aggregate industry news or niche topics. By offering an RSS feed, your blog or news section can automatically push your content to aggregators or partners, broadening your reach without extra effort.  2. Email Newsletters Automation Integrate your RSS feed with email marketing platforms like Mailing List Services . This automation allows subscribers to receive daily, weekly, or monthly email updates of new blog posts or articles directly from your feed, keeping them engaged with your content
Read more