Are you worried about opening suspicious emails? You’re not alone. Many people are confused about the risks associated with spam and phishing emails. That includes Bill, from Groton, CT, who wrote to us asking,
Myself and my friends are unclear if we can get into trouble by clicking on a spam or hacker email…as long as we don’t open anything INSIDE the email … in other words … can we EVER get into trouble by simply reading any email ??? thank you if you can address this to your viewers … I think many are unclear about this. – Bill, Groton, CT
That’s a great question, Bill. Now, let’s dive into this topic and clear up some common misconceptions.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Common misconceptions
Opening emails can instantly infect your device: One common myth is that simply opening an email can automatically infect your device with malware. In reality, modern email systems (such as Gmail, Outlook, etc.) generally prevent this from happening. The real danger comes from interacting with the content inside the email, such as clicking on malicious links or downloading harmful attachments.
Plain text emails are always safe: While emails in plain text format are generally safer than HTML-based emails, they can still pose a risk if they contain malicious links. Phishing attacks can appear in plain text emails, luring you to dangerous websites.
Emails from known contacts are always safe: Even if an email appears to come from someone you know, that doesn’t always mean it’s safe. Attackers can spoof email addresses or hack accounts, so always be cautious about unexpected or unusual messages from known contacts, especially those containing links or attachments.
Spam filters catch all malicious emails: Spam filters are highly effective but not perfect. Some sophisticated phishing and malicious emails can bypass these filters and land in your inbox. This is why it’s important to stay vigilant, even with emails that seem to have passed your email service’s security checks.
Previewing emails is always safe: Most modern email clients use a “preview” pane for quick reading. While the risk of malware through previews is significantly reduced in up-to-date systems, embedded trackers or other forms of data collection can still occur, confirming your activity to the spammer. Always disable automatic image loading or other active content features in your email client’s settings to minimize exposure.
CONTROL SPAM – HOW TO CREATE A QUICK ALIAS EMAIL ADDRESS
What to watch out for
As mentioned already, generally, simply opening an email is not enough to cause harm. However, there are some important points to consider:
1) Embedded trackers: Some spam or phishing emails contain trackers that can notify the sender when the email is opened. This can confirm to the spammer that your email address is active, potentially leading to more spam.
2) Malicious links and attachments: The real danger lies in clicking on links or downloading attachments within the email. These can lead to malicious websites or download malware onto your device.
3) HTML emails: Emails that contain HTML content can sometimes execute scripts when opened. While modern email clients have protections against this, it’s still a potential risk.
4) Phishing attempts: Even if you don’t click on anything, phishing emails can be designed to look very convincing and may trick you into providing personal information if you respond.
WHY AM I GETTING SPAM FROM MY OWN EMAIL ADDRESS AND HOW TO STOP IT
How to stay safe from suspicious emails
If you’re worried about receiving sketchy emails, there are several steps you can take to stay safe and reduce your risk of encountering malware or falling for scams. Follow these guidelines to protect yourself:
1) Avoid clicking links or downloading attachments: Never click on links or download files from emails you don’t trust. Scammers often use these tactics to direct you to malicious websites or install malware on your device. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
2) Use a reputable email client: Choose an email provider that prioritizes security features like spam filtering and two-factor authentication to add an extra layer of protection for your account. Read more about secure and private email here.
3) Enable email filtering: Turn on spam filters to reduce the number of unsolicited or potentially dangerous emails reaching your inbox. This reduces your exposure to phishing attempts. Most email platforms these days automatically filter out what they assume to be “junk” into their own folder. If you notice the amount of spam getting through to your inbox increasing, you may want to consider a Spam Filter. There are free options for different email providers. For Gmail, try Mailwasher. For Outlook and Windows Mail, try Spam Bully, which costs an annual fee of $29.95.
4) Keep your software updated: Regularly update your email client and operating system to stay protected from the latest security vulnerabilities that hackers might exploit.
5) Consider data removal services: Use data removal services to ensure your personal information is less accessible to potential scammers. This reduces your risk of being targeted in the first place.
While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.
A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 190+ data brokers. You can add up to 3 emails, 3 home addresses, and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Get Incogni for your family (up to 4 people) here
Check out my top picks for data removal services here.
HOW TO BLOCK THOSE UNWANTED AND ANNOYING SPAM EMAILS
Kurt’s key takeaways
While opening spam emails isn’t typically dangerous, it’s always better to err on the side of caution. Be vigilant, trust your instincts, and when in doubt, delete suspicious emails without opening them.
What’s the most convincing spam email you’ve ever received, and how did you recognize it was fake? Share your stories with us in the comments below.
TO GET MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
5 comments
My emails have an arrow, (pointed down) beside the “sender’s” name. If I’m uncomfortable with the sender’s name, I click on the arrow to reveal the sender’s email address. Getting a LOT of emails from names with Cornell.edu or similar edu accounts. I actually called the IT people at Cornell. They told me the sender can now spoof every element of the email, the professional looking “ad” from a respected retailer, the emailer name and the .com (or .edu) etc.
Is that true? I told my ISP that they should go after the sender using @triad.rr.com or .edu. They say it would be illegal for them to do that.
Love your posts every day. Question: Can opening a “PDF” in an email cause problems? Thank you and Happy Holidays
Hello, opening a PDF in an email can pose risks, such as malware, viruses, phishing attacks, and exploits. To stay safe, only open PDFs from trusted sources, keep your PDF reader and antivirus software updated, scan PDFs before opening, and disable JavaScript in your PDF reader. These precautions help protect your device and personal information.
Love your advice on all things computer, including videos on various topics. One question I have is related to text messaging on an iPhone: what if you click on a text message just as you realize it has to be or can be a trap? I inadvertently did this but instead of hitting delete, I clicked open. Thanks, Karen
Hi Karen, don’t worry, it happens to the best of us. Here are some steps you can take to minimize any potential damage:
1. Disconnect from the Internet: Immediately disconnect your iPhone from Wi-Fi and cellular data to prevent any potential malware from communicating with its source.
2. Change Your Passwords: Change the passwords for your important accounts, especially if you use the same password for multiple accounts. Enable two-factor authentication wherever possible.
3. Check for Unusual Activity: Monitor your accounts for any unusual activity, such as unauthorized transactions or changes to your settings.
4. Update Your Software: Ensure your iPhone is running the latest version of iOS to benefit from the latest security patches.
5. Report the Incident: If you believe your information has been compromised, report the incident to your email provider and any other relevant services.
Incidentally, if you don’t already have antivirus software, make sure it’s actively running on your device. Strong antivirus will protect you from clicking through on these malicious links. If you don’t have antivirus software, please see Kurt’s picks here.