Spam isn't just a hassle. It can be dangerous

Many spam e-mails contain malware in an attachment. This is why you should never open an e-mail attachment from a sender you do not know. Text in a spam mail often contains a link that leads to a malicious website: one careless click opens in your browser a fake website that could be infected with malware. In HTML format, spam messages may also contain dangerous scripts that could install malware on your computer or tablet. By the way, spam mails are a main source of ransomware.

According to findings of the BSI, most cases of spam are sent via compromised servers, infected client systems or legitimate e-mail accounts. Systems that distribute spam are often assembled into a botnet, which makes it easier for cyber criminals to market waves of spam activities as a service. In addition, the BSI is increasingly seeing the use of personal information such as data stolen from large service providers and contact folders of different e-mail applications from infected systems. This trend substantially increases the threat of infection via spam.

Known sender = no worries?

Alarm bells should be ringing every time you receive an e-mail from someone you don't know. Be especially careful if you are addressed impersonally with for example "Dear sir or madam,". This might indicate that the sender has found your e-mail address, but doesn't know your name. Unfortunately, even known e-mail senders are not a reason to believe everything is one-hundred per cent fine. Even the known e-mail address might be fake, duplicated or stolen.

Curious or unusual wording in the message or an uncommon amount of spelling errors could be a sign of spam from a foreign or non-native source. One nearly unmistakable sign of spam is a request or demand to provide personal data. For example, the message may claim that you must verify your account at an online payment provider. Another common spam trick is to send bogus invoices, often in a ZIP file, as an attachment. It is highly likely that the supposed invoice is hiding a malicious program that secretly infects your computer with malware when you open the file.

• Unknown senders
• Unusual, often cryptic sender names
• Anonymous form of address
• No disclaimer or boilerplate
• No link to unsubscribe, as in a real newsletter
• Weblinks or images that can be clicked on in the e-mail text
• Strange subject line or content
• Many grammar and spelling errors

• ZIP, Word or Excel files attached