Start for free
Jason Ginsberg / 9.29.2023Home / Email Security

Spam email—What it is and how to deal with it

Spam email isn’t only used for invasive advertising but for malicious purposes as well. Learn how to keep it away from your inbox and stay safe.
Receiving a spam email is frustrating at best. Unsolicited mail fills your storage and distracts you, but this is far from its most dangerous consequence. While many spam emails are sent as a part of intrusive advertising tactics, others are a vector for cyberattacks like phishing.In order to help you protect your account and keep your inbox clean, this guide will teach you everything you should know about spam emails. You’ll learn why you may be seeing so many of them and how to stop receiving unwanted emails.
Shield your inbox from spamSkiff Mail's end-to-end encryption ensures your inbox remains clear of potentially harmful spam emails
Sign up

What is spam mail?

Spam mail is a form of junk mail typically sent in bulk using dedicated software. There are various types of spam emails, the most notable of which are shown in the following table:
Spam email typeWhat it is
Commercial spamEmails promoting products and services you most likely have not shown any interest in
Phishing spamA form of social engineering where the attacker impersonates an official or well-known institution/company to extract sensitive data from the victim
Pump-and-dump spamSpoof emails promoting stocks of a company to artificially increase their price
In most cases, spam email comes from unfamiliar addresses. To understand how this is possible, you should familiarize yourself with the underlying mechanisms of spamming.

How does spam email work?

You’ve most likely left your email address on various sites across the web. Spammers use a program known as a harvester or extractor to pull the email address from such websites and add it to their database.This is done without your consent and results in unsolicited mail. While humans may send such mail, a more common approach involves botnets—groups of devices infected by malware controlled by the so-called bot herder, who uses them to send spam emails en masse.The consequences of interacting with a spam email depend on what it was designed to do. In cases of regular commercial spam, responding will most likely lead to further invasive advertising, which is annoying but not particularly dangerous.The real problem arises when the spam email contains malware or phishing links. Spammers often expand their botnet by installing malware on the target’s devices, which on your end may look like a regular attachment. Worse yet, following malicious links can compromise your login credentials or sensitive information.

“Why am I getting so much spam mail?”—A common question

According to Statista’s data, almost half of all emails sent in 2022 globally were spam. This ratio has been steadily increasing over the last few years, mainly as a result of spammers using more sophisticated strategies to target users and circumvent anti-spam measures.If you notice a sudden surge in spam, there are several reasons why it might’ve happened, most notably:
  • Your email address has been harvested and added to a spammer’s database
  • You’ve opened or replied to spam emails in the past, which a spammer sees as a signal to send additional emails
  • Your email provider’s spam detection isn’t working properly
Whatever the reason, receiving excessive amounts of spam is distracting and frustrating. The good news is that there are various ways to clean up your inbox and prevent further unsolicited mail.

How to stop spam mail and protect yourself from its consequences

If your inbox is flooded with spam, you can take the following steps to mitigate the issue and avoid falling victim to cyberattacks:
  1. Report spam and delete it from your inbox
  2. Block spammers
  3. Use email aliases
  4. Follow proper email security practices
  5. Change your email address/provider

How to remove spam from email and report it

While your email provider can’t handle each individual case of spam, reporting is still worth it because it improves the accuracy of their detection algorithms. Most email providers let you do it in a few clicks, so it won’t take a lot of time.If we use Gmail as an example, you can report spam by taking the following steps:
  1. Open the spam email
  2. Click the alert button above the subject line
  3. Click Report spam (you can also choose Report and unsubscribe to stop receiving future emails)
Source: Gmail screenshotSpam reporting works similarly across email services, so you shouldn’t have trouble finding the option once you’ve opened the email.You can also report spam to the Federal Trade Commission (FTC) through their fraud reporting platform. This will add the email to their database and share it with law enforcers. The case still may not be investigated separately, but this helps the authorities take action against spammers.Once you’ve reported a spam email, you can delete it from your inbox (provided it doesn’t get removed automatically). Most email providers have dedicated spam folders from which you can remove mail in bulk. You’ll find Gmail’s spam folder on the left side of the inbox, much like Outlook’s folder named Junk.Using Outlook as an example, you can delete spam in three steps:
  1. Open the Junk folder
  2. Click the checkmark above the emails to select them all
  3. Click Empty folder in the upper-left corner and confirm the deletion
Source: Outlook screenshotAs spam detection isn’t ideal, not all emails will be sent to the spam folder. If you find any in your main inbox, you’ll need to delete them separately.

How to block spam email addresses

Blocking a spammer is effective in reducing spam mail, though it’s not a foolproof method as botnets may include numerous devices and addresses controlled by one spammer. In many cases, you should still see a noticeable difference, so doing it is worthwhile.The process is similar in Gmail and Outlook, as the block feature positions are almost identical. You can access it by taking these steps:
  1. Open the email from a sender you wish to block
  2. Click the three-dot button in the upper-right corner above the message
  3. Click Block [Sender] and confirm the action
Reporting and blocking spammers are the main ways to minimize the number of junk emails, and they’re available with all major providers. If this isn’t enough, you can opt for more advanced measures like concealing your email address through an alias.

How to create email aliases

An email alias is an address from which mail is forwarded to your primary address. It can be used as a burner email if you don’t wish to reveal your real address when signing up for different services.Aliases are an effective way to prevent your primary address from being harvested and enjoy more privacy. While a spam email sent to an alias will be forwarded the same way as legitimate mail, you can delete the alias to stop spam targeting it from reaching your main inbox.While most providers take a similar approach to aliases, there are some differences. For example, Apple Mail lets you create an alias but has a separate feature called Hide My Email, which gives you an option to automatically generate a random alias when you start signing up for a new service.Paid Gmail users can create aliases easily through the Google Workspace Admin Console, but the option isn’t as intuitive for free users. You can only add an existing email address and treat it as an alias, which defeats the purpose of a burner email because you might actually be using the existing address.Your best option is to find an email provider that offers free aliases you can create directly from the main account. There are several such services, and you will learn about one of them later in this guide.

Following the necessary security practices

You most likely won’t remove all spam mail and stop receiving further unsolicited emails immediately. Once your address is harvested, ensuring you never receive a spam email again is virtually impossible. That is why you should still be familiar with the best email security practices.The first and most impactful one is to be selective when leaving your email address online. Carelessly sharing it means your address will almost certainly be harvested at some point. If you’re unsure of the website’s privacy policies and reputation, it’s best to avoid giving them your address.Another crucial aspect of security is knowing how to recognize a phishing email, considering that many spam emails fall under this category. Beware of the following signs:
  • Unusual greetings that don’t include your name (“Hello Sir/Madam,“Dear user,” etc.)
  • Broken English, including obvious spelling and grammar errors
  • Prompts for action involving your private data and combined with a sense of urgency
  • Strange email addresses next to a seemingly legitimate sender name
If you notice any of the above, refrain from completing the suggested action, which commonly includes entering your account credentials or leaving bank information. Ignore the email and report it as a phishing attempt to your provider and the FTC.
Take proactive steps to ensure securitySkiff Mail's advanced filtering and encryption prevent harmful emails from reaching your inbox
Sign up

Changing your email address or provider

In some cases, spam can be so overwhelming that the above steps won’t yield sufficient results. You might receive multiple spam emails daily regardless of what you do, which is a sign your email address is likely in multiple spammers’ databases, which they further distribute.If this happens, you should consider deleting your email address and starting fresh with a new one. Most email services let you change the address and transfer your emails to a new one, so you don’t need to lose your existing correspondence.Unless you’re fully satisfied with your email provider, this is an opportunity to find one more tailored to your needs. Opting for a service focused on security and privacy is an excellent way to minimize spam issues in the future while safeguarding your correspondence.Unfortunately, this selection excludes most commercial Big Tech providers like Gmail, Outlook, and Yahoo, which don’t do enough to give users peace of mind.

Why you should consider switching from a Big Tech email service

Popular email services are quite prone to spam. Outlook is an excellent example—users have complained about its ineffective anti-spam efforts for a while now, but the issues still persist.While it’s true that your email behavior mainly determines the risk of spam, your provider should offer sufficient security to keep your correspondence and data safe. In other words, they should be a privacy-first service implementing advanced security measures.Besides spam and malware protection, your service should provide the following:
  • Minimal to no storage of sensitive data on servers
  • Two-factor authentication (2FA) which helps prevent account takeover after successful phishing attempts
  • Anonymity during signup
Most importantly, the provider should protect your emails with end-to-end encryption (E2EE), as this is the only way to ensure complete privacy.With E2EE, each email is turned into ciphertext before leaving your device using a key created and stored on it. Only the recipient has the decryption key on their device, which means nobody else can decipher your email.Big Tech email providers don’t provide this level of protection by default. Not only do they use weaker encryption protocols like Transport Layer Security (TLS), but they also own the encryption keys, which means they can decipher and read your messages.To avoid this and ensure your emails are only available to the recipient, choose an email provider like Skiff Mail.

Skiff Mail—Private, secure, and free

Skiff Mail is an end-to-end encrypted email service that gives you full control over your personal data. It uses two separate keys to keep each email private—a public encryption key shared with the recipient and a private decryption key stored safely on the user’s device.Thanks to such a secure protocol, nobody but the recipient can see plaintext copies of your emails—not even Skiff. Your account and data are further secured by the following measures:
  • Zero-knowledge login, which lets you sign up without leaving your name, phone number, or other identifiers
  • Two-factor authentication using the Authenticator app
  • Secure Remote Password, which encrypts other encryption keys and critical account data, like your login credentials
Skiff Mail also blocks trackers that advertisers and malicious parties use to gather information on your email behavior. Such information can be used to fine-tune phishing attacks, so blocking is an effective way to reduce the risk of a successful attempt.If you want to learn more about these security features, you can read Skiff’s whitepaper. The platform is open source, so you can also find its codebase on GitHub.

Free plan, premium features

When you create your free Skiff account, you’ll get access to various useful features, most notably:
  • Lightning-fast email and text search
  • 10 GB of end-to-end encrypted storage for your emails and files
  • Five folders and labels
  • Two filters for sorting emails effortlessly
  • Four Skiff.com aliases you can use as burner emails or dedicate to different email uses
  • Integration with major crypto wallets for anonymous correspondence
  • Custom signatures and one custom domain
You can enjoy all of the above features without time limits. They’re packed in a modern, user-friendly interface that streamlines your correspondence without distractions.
Source: SkiffIf you need to expand your workflow beyond emailing while ensuring privacy, Skiff lets you do it with three additional end-to-end encrypted platforms included in the free plan:
  1. Skiff Pages
  2. Skiff Drive
  3. Skiff Calendar
The following table offers an overview of each platform’s feature highlights:
Skiff PagesSkiff DriveSkiff Calendar
Rich text editor for creating comprehensive docsSupport for files of all sizes and typesAutomatic syncing with Skiff Mail
Invite-based collaborationUp to 2 TB of end-to-end encrypted storageShared calendars
Encryption of each doc’s contents and key metadataOptional integration with the InterPlanetary File System (IPFS)Built-in video conferencing
All Skiff platforms are available on iOS, macOS, Android, Windows, and major browsers, so you can enjoy complete flexibility while keeping your data secure.

Sign up for Skiff Mail

You can leverage Skiff’s advanced security and features by creating an account in minutes—it only takes three steps:
  1. Go to the signup page
  2. Choose a username and password
  3. Explore Skiff Mail and other E2EE products
To unlock up to 15 aliases, auto-reply, and additional useful features, you can choose between three affordable paid plans:
PlanCost
EssentialFrom $3 per month
ProFrom $8 per month
BusinessFrom $12/user per month
Note that Skiff—like any other email provider—can’t guarantee protection if your device is compromised by malware. Remember to follow the aforementioned security practices, and Skiff will handle security beyond your device.

Join the community

Become a part of our 1,500,000+ community and join the future of a private and decentralized internet.

Free plan • No card required
Skiff Logo
Twitter iconDiscord iconGitHub iconLinkedIn iconYouTube icon
© 2023. All rights reserved.
ProductsMailPagesDriveCalendarPricingDownloadRoadmap
ResourcesBlogHelpAbout usChangelogFor startupsFree online notepadVideos
Top ResourcesAnonymous emailEnd-to-end encryption emailSecure documentsCloud storage guideCloud data protectionHave I been hacked?
DeveloperGitHubLibrariesSkiff Crypto docsSkiff UI docsWhitepaperReport an issueStatus
LearnEmail securityCloud storageQuick AliasesEncrypted notes
LegalPrivacy policyTerms of serviceAcceptable use policyTransparency