Oh no! You accidentally clicked on a spam message in your inbox. You closed it quickly, but now you might wonder: what happens if you open a spam email? Is it dangerous to have clicked on one of the messages?
There is little danger in opening a spam message as long as users do not open links or attachments. If your email app or webmail automatically loads images, some tracking can occur. Downloading attached files or clicking linked text or images opens users to threats like malware, ransomware, or phishing.
We’ve all been warned to watch out for suspicious emails. Even when we have a sound spam detection system, the occasional email will make it to our inbox and even get opened by an accidental click.
Let’s go over 4 things that can happen when you open a spam email. We’ll also detail ways to protect your account.
Before Spam Arrives In Your Inbox
Spammers gain a little insight even before their message reaches your inbox.
An email sent to an invalid address will be rejected and bounce back to the sender. Spammers know that your email account is valid by watching for bounces.
Unfortunately, there’s not a great way to defend against this. Fake-bounce auto-responders are ineffective.
Most users have their email address tightly linked to their actual inboxes. This means we cannot prevent a spammer from discovering your email address is valid.
Heads up: Later, we’ll go over ways to separate your email address from your actual mailbox where you manage emails.
What happens next is scary, but there’s a straightforward solution.
Immediately Upon Opening
Can spammers tell if you open an email?
Spammers can tell if you open an email when you or your email application interact with their message. When your webmail or mobile email app automatically downloads remote resources like photos or graphics, the spam sender immediately knows their content was viewed.
Most email users prefer auto-loading images, so emails look nice when they click to read messages. This is a mistake when it comes to defending against spammers.
How does this work?
A spammer designs an email with embedded images to make the message look professional. They host or store these photos or graphics on their server. When your email app, mail reader program, or webmail requests these images, the sender receives numerous data points while sending the email’s graphic elements.
Here’s a list of the most common bits of information revealed when you auto-load images:
- IP Address: This is an internet address of your home router, cellular provider, or work connection that can be used to derive the following:
  - The approximate geographic location usually down to a city level.
  - Your internet service or mobile phone provider.
  - If you’re at work, the spammer can find the name of your company.
  - The type of connection you’re using, like DSL, fiber optic, mobile data, etc.
- Device type like a mobile, tablet, desktop/laptop.
- Operating system like Windows, Mac, Chromebook, or Linux.
- Which browser or mail reader app you use.
- Device time and time zone.
- Screen size.
- Device language.
The way to stop giving this type of metadata to spammers is to turn off automatic image downloading in your mobile email app, desktop email client, or webmail. Most services offer this function.
Later on, we’ll give you quick instructions on stopping auto-loading images for some popular email apps and webmail sites. But, what’s the next danger after just opening a spam email?
When You Reply or Forward Spam
Comedian James Veitch gave a hilarious TED Talk on what happens when you reply to spam.
It’s reasonably apparent that it’s not a good idea to reply directly to spam emails, despite Mr. Veitch’s sketch above.
In the least severe instances, you confirm that you’re a willing participant in an email conversation with fraudsters.
In the worst scenarios, you could inadvertently give away personal information that can compromise your online privacy or security.
For the instances when you receive an email from one of your known contacts that looks suspicious, it is best to start a new email or instant message/text your contact. Use this new, separate channel to ask if they sent an email with the suspect subject. Do not reply or attach the original spam email.
However, the worst thing you can do after opening a spam email is also the most dangerous.
Opening an Attachment or Clicking a Link
Can you get a virus just by opening an email?
It is not typically possible to get a virus just by opening an email. The programming behind emails is too basic, requiring attached or remote resources to load. Users need to click a link or open an attachment from a malicious message to start an infection on their computer or smartphone device.
Some dangerous files are fairly obvious, such as zip files or executables like programs or mobile apps. These should never be opened unless received from a highly trusted and confirmed sender.
Other attackers send spam containing files whose native format includes automation. For example, PDFs can contain viruses.
Fortunately, sending malware as an attachment has a problem for attackers: many email systems have sophisticated detection software that scans attachments to find viruses or other malicious files.
This works against most attackers. Spammers instead entice users to click a text or image link.
Deceptive Text or Image Links
Links within emails are an invaluable tool for most legitimate situations.
Emails are size-restricted and do not have automatic or dynamic content updates. It’s often more efficient to send a user to a web page containing the most up-to-date information.
A link can be a bit of text or a clickable image. This hides the destination, which may be an internet site operated by spammers or fraudsters.
Over the years, there have been several very creative ways to fool the average email user. Many of these attacks work by exploiting users’ inattentiveness to internet addresses. These links often lead to a phishing website or a remotely hosted piece of malware on a site posing as a valid and well-known site.
Here, I’ll pick on GoDaddy as an example only.
- Purpose-Registered Domains: GoDaddyInvoicing.com
- Typo Domains: GoDady.com
- Look-Alike Domains: GoDаddy.com [replaced the English letter “a” (U+0061) with the Cyrillic letter “а” (U+0430)]
- Sub-Domaining: invoice.GoDaddy.com.xfqfk3r.host
- DNS Poisoning: Requires an attack at top-level domain lookups to replace the IP address of GoDaddy.com with an attacker’s address. This propagates across the Internet for a short time.
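The first four patterns above can be recognized from the host name alone. The following added example (not part of the original article) labels the article's own sample hosts. The function names and the "last two labels" shortcut for finding the registered domain are assumptions made for illustration, and DNS poisoning is out of scope because the host name itself is correct in that case.

```python
import unicodedata

def edit_distance(a, b):
    """Levenshtein distance, used to catch one-letter typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host, brand="godaddy.com"):
    """Label a link's host name relative to the brand domain it appears to be."""
    host = host.lower().rstrip(".")
    brand_label = brand.split(".")[0]
    odd = [c for c in host if ord(c) > 127]
    if odd:
        # e.g. CYRILLIC SMALL LETTER A standing in for the Latin "a"
        return "look-alike: " + ", ".join(unicodedata.name(c) for c in odd)
    if host == brand or host.endswith("." + brand):
        return "genuine"
    labels = host.split(".")
    # Assumption: the registered domain is the last two labels. Production code
    # should consult the Public Suffix List (for example, names under .co.uk).
    registered = labels[-2] if len(labels) >= 2 else host
    if brand_label in labels[:-2]:
        return "sub-domaining: registered domain is " + ".".join(labels[-2:])
    if registered != brand_label and brand_label in registered:
        return "purpose-registered"
    if edit_distance(registered, brand_label) == 1:
        return "typo"
    return "unrelated"

# The article's example hosts; \u0430 is the Cyrillic letter from the list above.
SAMPLES = [
    "GoDaddyInvoicing.com",
    "GoDady.com",
    "GoD\u0430ddy.com",
    "invoice.GoDaddy.com.xfqfk3r.host",
    "www.GoDaddy.com",
]

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h!r:45} {classify(h)}")
```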
What do you do when you open a spam email?
- Close email messages without clicking links or opening attachments.
- Mark the email as spam or junk to help train detection software.
- Run a malware or virus scan on your desktop or laptop computer.
- Watch for emails or texts from friends, family, or colleagues about strange emails.
- Notify a manager or IT department staff member in a work environment.
A few more quick tips:
- Be suspicious of emails from your contacts with odd subjects or body text that doesn’t seem right.
- Use throwaway email addresses from Nada or SimpleLogin.
- Turn off auto-loading images in your email app or webmail.
Turning off automatic image loading in desktop, mobile, and webmail services increases security. This results in the need to manually click a link or button in each email message to load externally-hosted graphics.
This is an excellent extra step despite emails looking a little bland. It allows you to decide each time if you’re willing to risk your privacy and security.
The following are the most common email applications and webmail sites, with steps to turn off automatic image loading in each.
Desktop/Laptop Email Clients
- Open the Outlook application.
- Click on the File tab.
- Select the Options link on the left navigation.
- Select the Trust Center option on the left in the dialog that appears.
- Click the Trust Center Settings button on the main panel.
- Select Automatic Download from the left-hand options list.
- Put a checkmark on the option reading: “Don’t download pictures automatically in HTML email messages or RSS items”.
- Add a checkmark to the option for: “Don’t download pictures in encrypted or signed HTML email messages”.
- Open the Mail app on your Mac.
- Click the Mail menu option and select Preferences.
- Go to the Viewing tab.
- Remove the checkmark next to the option: “Load remote content in messages”.
- Open the Thunderbird email client.
- Click the menu (hamburger) icon in the upper-right.
- Choose the Preferences option.
- Click Privacy & Security in the left-hand navigation.
- Find the sub-section called Mail Content.
- Uncheck/remove the check from the option: Allow remote content in messages.
- Open a web browser to your Gmail.com account.
- Click the Settings gear/cog icon in the upper right.
- Select the See All Settings button.
- Find the Images section on the General tab.
- Change the radio button to the option: “Ask before displaying external images”.
- Scroll to the bottom and click the Save Changes button.
Outlook / Office 365
- Open a web browser to your personal or company Outlook webmail.
- Click the Settings gear/cog icon in the upper right.
- Type in the Search box the keyword: “External”.
- Click the External Images settings result.
- Find the External Images sub-section on the right pane.
- Change the radio toggle to the option: “Don’t use the Outlook service to load images”.
- Open a web browser to your Yahoo Mail.
- Click the Settings gear/cog icon in the upper right.
- Select the More Settings link in the popup pane.
- Select Security and Privacy in the left pane.
- Click the Viewing Email option on the left navigation.
- Find the sub-section called: “Show images in messages”.
- Toggle to the radio button reading: “Ask before showing external images”.
Mobile Email Apps
- Open the Gmail app.
- Tap the menu (hamburger) icon in the upper-left.
- Tap Settings then your account.
- Find the sub-section called: “Data usage” (Android) or “Images” (iOS).
- Set the option reading: “Ask before showing”.
- Tap the account icon in the upper-left corner.
- Tap the Settings gear/cog icon in the lower left.
- Find and tap your Mail account.
- Toggle on the option: “Block external images”.
- Go into the Settings app.
- Scroll down and tap the Mail setting.
- Find the Messages sub-section.
- Turn off the toggle switch: “Load Remote Images”.
Merely opening a spam email doesn’t have the dangers it once did, especially if you’ve configured your email app or webmail as we’ve described.
If you’ve clicked into a message accidentally, simply close and mark it as spam or delete it. You’re safe as long as you’ve not clicked an attachment or link within the email.
Run your computer’s malware scan if you’ve opened a spam attachment or clicked on a text or image link that opened your browser to a website.
Become more vigilant and skeptical when reading email subject lines.