How to find out the culprits behind your spam emails?
Now in this digital age, it has become more and more critical on how we handle our digital assets. It may not just be about having “safe” password or enabling “MFA”. We need to be more careful about the data we receive and read.
You may know what spam is, like a folder you see in Gmail where you get emails from the unknown senders about “doing a profitable business”. Most of the time they are useless, and you ignore it. But again Gmail is not yet smart enough to correctly segregate spam emails from important ones, and sometimes your inbox is filled with this crap. Sometimes these emails which are supposed to be spam also disguise has a genuine email from some banks or a famous social website. Most of the time they are useless, and you ignore it. But again Gmail is not yet smart enough to correctly segregate spam emails from important ones, and sometimes your inbox is filled with this crap. Sometimes these emails which are supposed to be spam also disguise has a genuine email from some banks or a famous social website. This is called phishing.
You may have heard the term phishing. Wikipedia puts it has a fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising as a trustworthy entity in electronic communication.
So you may have many questions in your head like, Who sends me these phishing mail? Can I avoid it? How to find out you gave away my email address to those bad guys? Let’s take one question at a time.
Who sends me this phishing mail?
Phishing emails generally arise from two sources.
Firstly, it can be a generic spammer who is sending these emails to everyone in this digital world. To simplify, a spammer might be creating a permutation of all the English alphabets and send mail to those people. You may just be the unlucky target of his offensive operation. These kinds of mail are generally well caught by the Gmail (read as a generic email service provider) and are sent correctly to the spam folder. Even though these emails are trying to steal your social credentials or hack bank accounts, I still feel these don’t make much impact than the second category.
In the second case, it is the targeted attack on you. The spammer knows more about you. Thus it is more dangerous. You will be more easily falling victim for these kinds of emails then the generic ones because the spammer has more information on you and can target you, like showing advertisements for quick loans, when you are looking for one.
Can I avoid it?
You cannot. When it is tough for you to identify whether the email is genuine/spam, how can you expect the spam filter to recognize these emails? What you can do at most is, determine who is doing this and how can you block them from future spamming.
How to find out you gave away my email address to those bad guys?
Well, I can tell you what I did.
I purchased a web domain called, sameer.page. It was more towards managing my email rather than using the domain name to host some application or blog. I bought through Google Domains because they have an easy-go-by interface where I can forward up to 100 emails from my domain to my actual email. So, what I did was, I signed up my digital accounts by their name like firstname.lastname@example.org, email@example.com, etc. Of course, these emails forward to my original Gmail account. This is usually more helpful when you are logging into not so famous website, which can’t be fully trusted.
Now suppose, if Facebook was compromised, and the hacker gets my email information, and he starts sending phishing emails to my email address “firstname.lastname@example.org”. Firstly, I will come to know that my Facebook account has was compromised, or Facebook has shared my email address with the 3rd party, and I am their unlucky target.
Now, what I can do is, I can stop forwarding the emails coming from “email@example.com” to my original Gmail account and update my communication address on Facebook as “firstname.lastname@example.org”. By having the virtual email address over your actual email address, you are adding a layer of protection and avoiding those junk emails.
I used Facebook above has an example. They have never spammed me.