We all receive unsolicited messages, be they emails, SMS, IM’s as well as by the traditional postal system. By their very nature these messages are largely unwanted and clog up our mailboxes. It should also be noted that unsolicited messages are sometimes malicious, causing you to download malware or disclose private information as part of a phishing attack.
This blog post will provide a number of tips that will help you to limit the amount of spam you receive and maybe even make your communications more secure. Included in this posting are tips on:
- Managing your Social Media
- Managing where you sign-in
- Managing your Subscriptions
- Managing your Email/IM Account
- Managing your devices
- Unsubscribing from spammed mailing lists
- Stopping Direct Marketing.
This blog will be updated as we find more tips, so maybe one for you to bookmark.
TIP 1 – Manage your Social Media
The default settings for your social media accounts are often set so that they are open to the world. This is changing but you really need to inspect your privacy settings so that:
- Your email address is private and not quoted on your profile page
- Postings in your timeline don’t get broadcasted to the world, only to your friends
- Information relating to your physical location are scrubbed in images (meta data in images contains geo-location information)
- Limit auto-tagging of people in photos you upload
- Private information (e.g. age, date of birth, home address, actual name) are hidden from public view even to friends
- Check out Friend Requests and make sure they are someone you know or want to have access to your private timeline
- Be mindful about posting information about others and ensure that their privacy isn’t compromised as well.
Social media accounts are a great source of personal information that is often skimmed by cyber criminals to make phishing attacks more effective. It is very important that you keep this information as private as possible but without stopping your real friends from seeing it.
TIP 2 – Be careful about where you sign-in
A lot of websites have a means to post comments, or get premium content if you sign-in. In doing this you are providing the website with some personal information in exchange for the premium content. These websites often require:
- An email address
- Your name
- Mobile/cell number
- Your general location (e.g. Country, State/County, City)
- Your occupation
- Professional status
- Salary bracket.
The general rule is that if you are not paying for a product, you are the product! These websites will often package up the information you give them and sell it on to information aggregators who then sell it on to direct marketers/spammers. Because they also have your information, they can target you specifically with services they offer.
When you sign up to a website always:
- Check their terms and conditions and any statements on how they use your information
- Limit what you tell them
- Use a disposable email address (a lot of email providers allow you to create aliases that can be discarded when they get spammed)
- Use a disposable mobile/cell number (Pay As You Go SIM cards and burner phones are easily available in most regions)
- Tick the box (or untick the box) that says that you don’t what direct marketing
- Is the content worth all the hassle of providing all this information?
TIP 3 – Manage Subscriptions
There will be websites and/or publications that you want to subscribe to. However what was a good idea when you subscribed, may not be something you want to continue with.
Keep a note somewhere of the services you have subscribed to, what email address you used, etc. On a periodic basis review what you are subscribed to and anything you don’t want to continue with make sure you cancel the subscription. If there is a repeating payment associated with the subscription, make sure it is cancelled before you cancel the subscription. As part of the cancellation process, make sure you take down any personal information and photos.
TIP 4 – Manage your Email/IM Account
Your email/IM account has a number of features that limit how spam is sent to you. If you look in your email client this often has specific spam settings that you can investigate to limit the propagation and detection of spam. If you use a webmail account, this will also have settings that allow you to control how spam is propagated.
Things to do are:
- Configure Safe Senders and Mailing Lists that you want to receive emails and messages from
- Configure a block list that will block emails from the quoted email address or domains
- Often you can set email to go to the spam folder if it is not from a contact.
Similar settings exist in instant messengers so that your contacts get through, but no-one else. These features vary by application, so best to investigate yours and see what can be set.
Email addresses, IM Id’s and phone numbers can also be disclosed in data breaches and used to send spam. It is worth regularly checking whether your information is in a data breach by going to sites like ‘Have I Been PWND?‘. If your email address/Id has been disclosed, then:
- Stop using it
- Replace it with another (see the tip about aliases above)
- Replace the email used at your subscriptions with your new one
- If one of your subscriptions has been subject to a data breach, consider whether or not you want to continue using it.
TIP 5 – Manage your Devices
Your devices leak information everywhere they go. Your location information is often sent back to Google (especially if you use Google services or an Android phone), and your WiFi is pinging off every open WiFi hotspot you pass. As a result you can be bombarded with messages from various services as you walk around. A few suggestions are:
- Turn off your WiFi when not using it
- Turn off your location services on your phone/device unless you need it for navigation
- Turn off Bluetooth while you are not using it.
Apps you download may be gathering information about you due to the permissions they ask for and are granted by default. It is best to review the permissions apps ask for before you install them. If the permissions are too invasive, then don’t install them (e.g. a torch light app does not need access to WiFi, Location, contacts, etc. to operate).
TIP 6 – Unsubscribe Buttons
You will often receive unsolicited emails that end up in your spam folder. Depending on the email provider, emails that end up in spam folders are often returned to the sender as undeliverable. As a result, the spammer may then remove you from their list.
These emails often have a ‘Click here to unsubscribe’ link or button.
DO NOT CLICK ON THIS!!
These emails have already been marked as spam, so are suspect. If you click on these links, or copy the URL into your browser:
- You are confirming the email was actually delivered and that the email address is live, which is something you don’t want to happen
- These links can redirect you to a website that downloads malware before they send you to an unsubscribe page
- Indiscriminate spammers will in all likelihood just ignore the request and treat is as a confirmation that the email address (SMS, etc.) is live.
TIP 7 – Stopping Direct Marketting
If you are in the UK there are some very good laws about direct marketing. However so many of these spammers are not in the UK and largely beyond the reach of the UK courts.
Take a look at the UK Governments advice on limiting Direct Marketing. There are also a number of services on the UK governments page that allow you to register your email address, phone number and postal address that removes you from direct marketing lists in the UK. These are:
- Telephone Preference Service
- Fax Preference Service (yes people still use Faxes)
- Mailing Preference Service
- Email Preference Service.
These links are current as of posting, but may age. If they don’t work then just search for the various services.
If you are outside of the UK, your country may operate a similar set of services and laws. It would be worth looking on trading standards websites and government webpages in your country to see what is on offer.