The primary goal of most SPAM emails is to generate traffic for websites or applications. Common examples include emails promoting adult websites, lottery scams, or gambling platforms. Additionally, some emails may push fake offers or promotional content simply to drive clicks and engagement.
However, these SPAM emails are rarely sent by the businesses or websites they claim to promote. Sending emails in such large volumes requires a robust infrastructure, something that many businesses cannot afford or manage. Reaching a vast audience also necessitates access to extensive recipient lists.
So, who is actually sending these emails?
Spammers are the key players in this ecosystem. They possess the necessary infrastructure and massive email databases. Some businesses looking for exposure pay these spammers to send bulk emails on their behalf. In other cases, spammers sell recipient lists to businesses that can already send bulk emails themselves.
(In a separate post, I will explore how spammers acquire their extensive lists of email addresses and the tactics they use.)
Legitimate businesses, on the other hand, must follow email marketing laws, which vary by country. Most regulations require that promotional emails be sent only after obtaining explicit consent from recipients. Fortunately, there are many bulk email service providers (ESPs) that support compliant email marketing, such as MailChimp, Constant Contact, and HubSpot. These platforms offer the infrastructure and tools necessary for ethical, consent-based marketing.
If you receive an unsolicited promotional email without having opted in, it is considered SPAM.
(We will cover more about consent and email marketing laws in another post.)
Types of Notorious SPAM Emails: Scams, Fraud, and Phishing
Some of the most dangerous SPAM emails involve fraud, scams, or phishing attempts. These emails are crafted to trick recipients into stealing money or sensitive information. Here are a few common examples:
1. Impersonation of Known Applications (e.g., Banks):
These phishing emails appear to come from your bank, claiming that urgent action is needed. They often contain links to fake websites that mimic your bank’s official site and prompt you to enter your login details. Once entered, your account can be compromised.
Tip: Always access your bank’s site through bookmarks or by manually typing the URL into a trusted browser, never through email links.
2. Impersonation of Known Individuals (e.g., Your Boss):
You may receive an email claiming to be from someone you trust, like your manager, stating they are in an emergency and requesting a money transfer or gift card.
Tip: Always verify through a direct phone call before taking any action.
3. “Nigerian Prince” or Unclaimed Money Scams:
These classic emails promise unclaimed funds or propose lucrative business partnerships. In reality, they are just trying to extract money or personal details from you.
4. Too-Good-To-Be-True Offers:
Some emails claim to sell premium brand products at unrealistically low prices. They may say you can pay after receiving the product but require a “small” upfront shipping fee, this is all they want. Others may pretend to forward a message meant for someone else, hinting at a valuable parcel. This baiting technique appeals to curiosity or greed, leading to financial loss.
5. Malware & Ransomware Emails:
These are among the most dangerous. Such emails usually contain attachments or links that appear legitimate, often seeming to come from trusted apps or contacts. However, once opened or downloaded, they can infect your device with malware. Some malware can turn your system into a botnet for illegal activities, while others can lock your files or system entirely, demanding a ransom for release, a form of cyber extortion known as ransomware.
Ongoing Efforts and Responsibilities
Email providers continually work to shield users from SPAM, malware, and other cyber threats. Organizations like M3AAWG (Messaging, Malware, and Mobile Anti-Abuse Working Group) bring together industry leaders to combat these attacks.
While significant improvements have been made over the years, the battle between spammers and defenders is ongoing.
Promotional emails can be legitimate if sent with proper consent and ethical practices. It’s not just up to inbox providers to keep email safe and effective; the responsibility also lies with senders to follow best practices and uphold email marketing standards.
Together, we can keep the email ecosystem clean, trustworthy, and powerful.
Happy Reading!
-He-
Techie Couple 