How did I end up on a spammer’s list?
Signing up for newsletters, listserves, blogs, or providing your email address for any other reason on websites or social media streams can potentially expose you to spammers. Even when purchasing something at a physical retail store, you might be asked for your email address to sign up for the retailer’s loyalty rewards card, e-flyers or promotion alerts. By doing so, you risk ending up on a contact list that might be sold to a third party, and that third party might be a spammer. Many of these lists are obtained and sold legally, but the seller has no control (and probably very little concern) over who buys it.
Aside from “harvesting” email addresses from websites and purchasing email lists, spammers can also guess potentially valid email addresses by combining common names with valid domains (i.e. firstname.lastname@example.org or email@example.com). Also, if you are unfortunate enough to be a contact in the address book of somebody whose computer has been compromised by malware (viruses, spyware), you and those other contacts might find yourselves receiving (or even sending) a stream of spam.
How do I know it’s spam or a phishing scheme?
This is where things get a bit more difficult. As people become more informed and a lot warier, spammers have to get more sophisticated too. As a result, spam can be disguised as fairly legitimate-looking emails. However, a bit of common sense can still protect you from clicking on something you shouldn’t. A general rule is that if you don’t know the sender or you don’t deal with the organization from which you have received an email, then you should be very suspicious. For example, if you have received an email from a financial institution that you don’t deal with, chances are very high that it’s a phishing scheme.
Take a look at the sender’s email address too. While it might be displayed as something legitimate-sounding, the actual email address might be a very different story. For example, the name displayed in the “From” line might be firstname.lastname@example.org, but when you hover over it with your mouse, you see that it’s really coming from email@example.com.
Microsoft’s Safety & Security Centre has a useful website that talks about recognizing email and phone phishing schemes, as well as information about staying safer online. View the Microsoft Safety & Security page here »»
I’ve been spammed. Now what?
One thing you definitely don’t want to do is reply to or click on anything in an email that you suspect is spam. Replying to the email will only confirm to the spammer that your address is valid, exposing you to even more spam. Clicking on any links within the email can expose you to viruses and phishing schemes. You should just delete the message and consider setting up some rules in your email program that will block future emails from that sender. See more about that under “Ways to filter and block spam” on this page.
If you have received something that looks like a newsletter but you don’t remember signing up for it, then it’s probably not a good idea to click on the “unsubscribe” link. It’s just one more way to inadvertently notify a spammer that your email address is valid and can also expose your device to malware if the link leads to a malicious download. If it’s a legitimate newsletter that you know you signed up for but you still don’t feel comfortable clicking on an “unsubscribe” link in an email, then go directly to the organization’s website and unsubscribe from there.
Ways to filter and block spam
• Outlook Web App for Office 365
• Outlook for Mac
• Outlook for Windows
Reporting spam to Microsoft (Outlook users)
Users of the Windows versions of Microsoft Outlook can download a simple plugin that will allow you to easily send samples of junk email to Microsoft for analysis. This helps them to improve their spam filters and hopefully increase their effectiveness so that less spam ends up in users’ inboxes. The add-in is included with some Office installations, but if you don’t see the Report Junk option in your Junk E-mail Options list, you can download the add-in. To download and install the Junk E-mail Reporting Tool, please visit http://www.microsoft.com.
Download the appropriate executable file for your version of Outlook. In most cases, this will be the one labelled Junk Reporting Add-in for Office 2010, 2013, 2016 .msi.
After following the prompts for installing the add-in, a junk reporting icon will appear in the top toolbar of your version of Outlook. To report a message as spam, highlight the email message and either right-click with your mouse to get a drop down menu with “Report Junk” as one of the options, or go up to the Junk/Report Junk icon on your main Outlook toolbar.