Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

Am I Wasting My Time Reporting Scam and Spam Emails?

//
You once said that when it comes to email scams, we should just mark it as a scam or spam and move on. But I’ve found websites to report them to, and some email addresses to forward them to, and I’d like to think I’m doing some good. Are you saying that I’m wasting my time reporting email scams directly to these agencies?

Yes.

I just don’t believe reporting spam to these sites and services is worth the time and effort. I don’t see any harm in doing it; I just don’t think it helps.

I do want to be very clear, however, that a different type of “reporting spam” is very important, and we should all be doing that.

Become a Patron of Ask Leo! and go ad-free!

The war against spam

Spam is more than an annoyance: it’s a battle. For every step you and I and our email providers take to stop or block spam, spammers come up with new tricks and techniques to bypass those steps. As the recipient of a fair amount of spam — perhaps more than most, since I have several “public” email addresses — I see the magnitude of the problem firsthand.

Reporting spam versus reporting spam

You should definitely report spam using the “spam”, “junk”, or equivalent mechanism in your email program or web interface.

Spam word cloudParticularly for web-based email services, this is important feedback the system uses to learn what is and is not spam. Think of it as a form of crowdsourcing. This information is collected and used to tune what the email service looks for when deciding something is spam and whether or not to automatically place it in your spam folder for you.

The more you report spam in this manner, the better the spam filter gets.

This does nothing to reduce the amount of spam targeting your email address, but the result is that less of it ends up in your inbox, being deflected into your spam folder instead.

Keep doing that. (Just don’t use the “spam” button to unsubscribe from things you asked for; doing so actually hurts other recipients.)

Reporting by submitting or forwarding

The type of spam reporting I feel is useless is that in which you either forward the email to a specific email address or copy/paste the email body or other information into an online submission form.

There’s nothing wrong with doing so — it’s not going to harm you or cause you to get more spam — it’s just not going to help you get less.

I’m fairly convinced the addresses you listed1 already get so many reports that whatever you’re reporting is just a drop in the ocean. It would be incredibly rare for you to pass along something that hasn’t already been submitted.

Besides, the nature of spam has changed such that these services simply can’t really work reliably.

Spam sources of the past

In the past, the majority of spam came from specific servers that were either owned by or had been compromised by spammers. These servers sent out millions of spam email messages.

The fact that the email came from consistent servers meant it was possible to track them down, and depending on where they were located, shut them down or block them.

That’s when most of these reporting services come into being. By forwarding spam to them, you were helping identify specific sources of large amounts of spam. The services then tracked down the owner, or the owner’s ISP, and had the spammer shut down. If they couldn’t shut them down, they added the IP address of the server to a “black list” which other ISPs then used to block that server.

Unfortunately, this approach is no longer effective.

Why?

Botnets.

Spam now comes from everywhere

Botnets, created by installing malware on millions of computers worldwide, have replaced individual mail servers for sending spam. Rather than sending 10,000,000 emails from one server, a spammer might now be sending 100 mails each from 100,000 infected machines.

Your machine could be one of them, and you might not even realize it. (Make sure your anti-malware tools are up-to-date and scanning!)

One hundred thousand machines is an impractical number of machines to track down. Even if it could be done, tracking them down wouldn’t help. Spammers would just use other infected machines to continue to send out spam.

As a result, the reporting services you’re asking about can’t really help.

We do hear of botnets occasionally being brought down, but identifying the spam emails doesn’t play a role. Instead, the malware that infected machines in the first place must be tracked down and defended against.

Speaking of bots…

A relatively new entry in the “report spam” arena is the ability to forward a copy of spam to a service of some sort that promises to waste the spammers’ time by using a different kind of “bot” to engage them in a fake conversation for as long as possible.

In my opinion, this is another waste. In fact, it’s akin to fighting spam with spam — you’re causing the internet to be flooded with even more fake email.

I’m also convinced that the spammers will catch on pretty quickly and recognize the bot for what it is: ineffective and easily ignored.

When reporting spam might help

Before I write off reporting completely, though, I do have to add that some agencies — in particular, the FTC (the U.S. Federal Trade Commission)  — may do more than just track down servers and IP addresses. The FTC may also look at the content of the message and see if what’s being hawked violates federal law. With enough instances of an issue, I would hope they’d go after the merchant.

Unfortunately, they may not be able to do much even then. Many — perhaps even most — of these scams originate overseas, where the FTC has no jurisdiction.

The bottom line, in my opinion: depending on the spam and the service, forwarding spam to these services has a very small chance of helping.

Lovely spam! Wonderful spam!2

To sum up: I don’t bother reporting spam, other than by using the “spam” or “junk” buttons in my email program.

  • Reporting individual spam emails just isn’t effective.
  • These agencies can get plenty of spam on their own, perhaps even using “honeypot” email addresses.
  • I know there are others forwarding their spam.
  • I have better things to do with my time.

I simply choose not to.

If reporting it makes you feel better about spam and scams, and if you’ve got the time, carry on, I suppose. I just don’t believe it makes any difference in stopping spam and scam emails from arriving in our inboxes.

Podcast audio

Play

Footnotes & references

1: The original, full question included several example email addresses that I elected not to republish here.

2: Monty Python – Spam

41 comments on “Am I Wasting My Time Reporting Scam and Spam Emails?”

  1. I fully agree with the war against spam. I find that using Gmail is about the best tool for cutting down on the amount of spam that gets to my inbox. But I’m not sure that these “spam control sites” are the best way to fight spam. For instance, a friend of mine runs a publishing effort that also uses email to contact customers once or twice a year. They have run into serious problems because someone (they don’t know who) reported them to one of these sites. The site black listed them and they were no longer able to contact anyone who subscribed to that site. I don’t remember the details, but it made a lot of trouble for them. They contacted the site but they wouldn’t even reconsider their listing or check into why they were black listed. Apparently it’s enough that one person out there somewhere disapproved of an email they received.

    It hardly seems fair to a company to sign up for email information, then when it comes to report them for it.

    • I fully agree.
      People need to be careful to mark spam as spam and not mark everything they don’t want as such.
      It makes a terrible mess for everybody.

  2. I agree. I don’t think marking an e-mail as spam completely stops it because it’s probably on it’s way to thousands of other computers. However, the reason I do hit the spam button, is to stop it from repeatedly appearing on MY screen. It helps. Then it’s replaced by other from somebody else. That’s unfortunate and aggravating but that’s computer – email life!
    Thanks for the article.

    • However, if you use the Spam reporting feature of Gmail (and other systems) you are doing a LOT MORE than just blocking it from your screen. The software that they have tags the message as spam and if too many people are lazy and do this instead of unsubscribing, it starts to mark those messages as spam and blocking them from all people.

      Only mark REAL SPAM as spam. When the message is from a legitimate site, take the couple minutes it takes to unsubscribe. You may have left your email address when signing up for access at a store’s web site. They may flood you with daily messages, but it is NOT SPAM.

      • I agree with this approach as far as it goes. But I’ve found several sites that I knowingly subscribed to but later have unsubscribed because they no longer fill my needs. However, they don’t stop sending their emails even after a week or more and more attempts to unsubscribe. I then feel no sympathy for them and add them to the Gmail spam list.

      • Exactly. And it’s very important to not mark things like newsletters you have subscribed to as spam. If a company is following ethical practices they will be using software that lets you unsubscribe. Marking your subscriptions as spam hurts everyone. Take that extra minute to unsubscribe from things correctly. We are all in this together and participating in a healthy way is good for everyone.

      • Being a teacher, I get lots of emails from book companies. Many come from the book companies getting my email from the university website or because I ordered a book from them. My opinion on that is unless I specifically ask for their mailings or give them permission by ticking a box, it’s spam. It may not fit some people’s definition of spam, but I feel that they deserve to be blacklisted if they don’t get permission to send me email.

  3. I use Thunderbird to manage my email addresses. When I mark an email as “junk,” Thunderbird’s term for spam, does that information get back to my email provider or is it just used locally by Thunderbird?

  4. I generally just mark any spam that gets through my filter and move it to the spam folder.
    I DO report phishing emails to the entity they are spoofing. Most major companies that are spoofed have addresses to forward the phishing emails to.
    I don’t do this for my benefit but for the benefit of the companies that are being spoofed.

  5. Very interesting – about a week ago the count in my spam folder dropped from a couple dozen a day to a couple emails a day. This is for a very old email address through MS and that I relegated to more-susceptible contacts many years ago. My other address spam-counts have not changed. You think I would be happy but I’m also a little worried about what unknown thing has happened.

    Also, some long time subscriptions to businesses have started showing in spam instead of inbox.

    Puzzled. I’m curious if anyone else has experienced this.

      • “Maybe Outlook.com finally got it right.”??? Outlook.com has always done a great job in removing spam. Sometimes too well. Unfortunately, in their over-aggressiveness, they tend to mark a lot of wanted emails as spam. I’ve even been a victim of having my whole email service provider’s domain blocked by Hotmail. I wrote many messages on the Hotmail forum about it and wrote to several computer gurus about it. I finally contacted Mary Jo Foley through ZDnet and she was able to get Microsoft to fix it.

  6. I was using one e-mail program that allowed users to send fake return to sender notices. It would mimic a message that says the e-mail address is no longer valid. I believe this is also ineffective. Also, depending on the number of spam received, it may take longer than to forward them to various addresses.

  7. “Reporting spam versus reporting spam”
    What am I missing here? How is one of these actions any different than the other?

    • To summarize what the article describes:

      Reporting spam #1: pressing the “this is spam” or “junk” buttons in your email program or interface. This is OK, and valuable.

      Reporting spam #2: forwarding spam email messages to some agency that promises to track down the spammers. This is pointless.

  8. I have been receiving the same phishing email every day for about a month now. Something about “new notifications” I have on Twitter. Every day I report it as phishing scam to Microsoft (my account is @hotmail), but the system doesn’t seem to learn that those emails are junk. What should I do?

  9. I’d like to convince Leo that making a report to a spammers ISP in the way that Spamcop does can be worthwhile by citing some of my more gratifying experiences in doing so. The technique is a bit technical but is easily learned. I won’t go into detail unless invited.

    I cannot agree with Leo that most spam is sent through bots because I always have found a domain name for the sender and a home page for that domain, although it may be just a server sample page, meaning that the domain is used only for e-mail. As an example, I recently received spam from {removed}). Go to this site and you will find a spammer’s unsubscribe page. Botted computers generally do not have domain names or web servers.

    The spam I report is mostly the obscene or insulting kind such as “Stop sending me your pictures” and “This married woman wants your c**k.” as these are most likely to invoke a response from an honest ISP. Here is one I recently received from Online SAS in France:

    ONLINE SAS
    Technical assistance
    BP {removed}- 75366 Paris CEDEX 08
    France

    Tel:{removed}

    Subject : Abuse notification resolved

    Dear Sir or Madam,

    Your abuse number 217452 is now closed.

    Here is a comment left by our customer:
    —————————————————————-

    Hello,
    Sorry for the inconvenience caused. We have reviewed this matter thoroughly and identified that it was one of our subscribers using the IP address in question which was responsible for causing the spam complaints.
    We have initiated immediate action against this offending subscriber by cancelling the associated subscription. To ensure that this kind of issues doesn't happen again we will implement stringent steps by reviewing our subscription list and informing the existing subscriber about this .
    Please restore server access, if something went wrong again we agree that you can terminate the service immediately.
    Thank you for your assistance.
    Regards.

    The Online team

  10. If you are on a spammers’ mailing list you probably will have received one or more “Nigerian scam” messages. They are thought to originate in Nigeria, though all the ones I have received come from a server in Japan.

    The author pretends to be a high U.S. government official or perhaps an official of the Benin republic who seeks to inform you that a sealed box containing $4 Million is waiting for you at some U.S. airport, and requests that you send your full name and address and perhaps other personal information so that this treasure trove may be delivered to you. Variations include some philanthropist who has decided to make you a donation or some American serviceman who wants you to receive money for him, but all messages come from the same server in Japan. A New Zealand cybersecurity firm named Netsafe has created a chatbot to engage these scammers and waste their time with unproductive chatter. All one needs to do is forward the scam e-mail to me@rescam.org and they will start the dialogue.

    Some people take pleasure in baiting these scammers personally, even to the point of arranging meetings with them. There are a number of videos on this.

  11. Sorry if this is the wrong place for this question. I have been getting scads of emails from the domain “Webhostandmarketing.com”. They all begin with “support.” a number, like 5+myemailprefix=msn.com. I’ve tried blocking them, blocking the domain and creating all kinds of rules. Nothing stops them. The domain webhostandmarketing.com has a place for “Unsubscribing” but this web page doesn’t react. I’m not all the technically proficient. Should I find a local professional to help with this? Thank you for any suggestions.

  12. After considerable effort I am happy to report some success with Amazon Web Services (AWS). Their usual procedure is to send a boilerplate response to a spam complaint and then a week later send another saying that an instance had been found on their servers, but the spam keeps coming. I have found other complaints of this. I finally got results by threatening to make a proposal at a shareholders’ meeting of their parent company, Amazon.

    I have had a 40% success rate in my spam reporting efforts and responses like the following are always gratifying.

    Hello,

    Thank you for taking the time to report this message to the SendGrid Compliance team. Reports like yours make us aware of users who are not following our terms of service, and we greatly appreciate them so that we may take action on your behalf in order to ensure that our services are not being used for the sending of unrequested email. We take user complaints very seriously and do not tolerate spamming.

    Thanks again for sending us this report. If we require additional information we may be in contact with you regarding this report.

    Kind regards,
    SendGrid Compliance

  13. I am grateful to Leo for allowing my posts of “do it yourself” spam fighting, using the techniques of SpamCop, despite his opinion that such efforts are not worthwhile.

    I was inspired to take aggressive action against spammers when I started to receive emails from correspondents claiming to be women who had seen my profile on a dating site and suggesting a meeting. A link in the message took me to a site with pictures of bare-breasted women, which I took to be a porn site. I do not have a profile on any dating site and genuine dating sites do not have such pictures.

    The technique involves getting the sender’s IP address from the “Received:” field of the header and looking it up in a database. The most likely ones are ARIN for North America, RIPE for Europe, and APNIC for Asia and the Pacific. One of these will give the identity of the internet service provider and his email address for abuse complaints. Header information is gotten from the “Show Original” link in Gmail and instructions for other email clients can be found online. I forward the spam to this address and attach the full text. Sometimes they will refer me to an online form to fill out.

    In at least one case I have gotten better results than SpamCop. That is the case of Amazon Web Services, which was not taking action against spammers and had asked SpamCop not to send it any more reports. By using rather stiff language I was able to get them to delete a couple of spammers’ accounts. Details are in a previous post.

    Another ISP with a reputation of being spammer friendly was OVH in Paris, France. I was getting a message starting with “This message is from a trusted sender.” There was a large FedEx logo and text saying “Your package could not be delivered because of an incomplete address. Please click this button to reply with your complete street address.” A look at the “Reply to:” field of the header disclosed that any reply would go to fifteen other spammers. Of course I did not reply and they were sending four of these per day. Querying the IP address on RIPE showed that the ISP was OVH. I wrote to them and they referred me to a form. I filled it out and they replied that they could take no action on account of incomplete information. I filled it out again in great detail and they replied that they had deleted the account.

    Maybe word got around. I have had no spam for four days. Previously I was getting two to fifteen a day.

  14. I am getting several hundred spam emails a month and it seems to be increasing every day.
    I think I am going to just delete my email address and open up a new account, I just give up.

  15. The best way to report spam to stop coming in is by reporting to that person’s ISP/Internet provider. In Gmail it’s really easy after opening up the email you click on show original. Once you have done that it will show SPF: there will be an IP Address there IE 192.168.0.0 you can take that IP address and go to whois.arin.net in the search bar put in the IP address of the person who sent you that email. Arin will tell you who the abuse email complaint you sent to is. IE abuse@cox.net, abuse@rr.com, abuse@comcast.net, abuse@charter.net, abuse@amazonaws.com etc Now it will also tell you if you need to visit another IP registry page. Whois Arin is only for America, Ripe.net is for Europe. Latin america has their own so does Africa and Asia. From there you’ll be able to plug in the IP address and it will give you the abuse complaint box to let them know you are getting spam from one of their customers. Now in order to file the complaint you just need to include the email headers nothing else. If you don’t include the email headers then your complaint will be rejected. In Gmail its called show original and you see Delivered-To: and it will be long copy all that compose a new email with the subject of spam coming from your network, to the abuse box of that ISP and paste the email header in the body of the email and send it off. It really helps cut down on spam coming to your email box. I have pretty much gotten mine to almost be none existent.

    • Most spam comes either from countries which don’t do anything to stop spam or spam bots which are a kind of malware which is installed on the computers millions of unsuspecting users and spam is sent out via those computers. Reporting abuse will barely stop the tip of the iceberg of spam.

  16. I disagree somewhat with the reporting issue. I gets tons of spam because I am an IT person and most of it I just delete. However the ones that state I have an “inheritance” or “fund” or some other ridiculous amount of money due me (which I know is false) OR the ones that state I will be arrested if I don’t pay some bogus debt which I do not owe, I DO report those. Especially that last kind because they are usually threatening. I scrutinize the email header to try to see what email account it originated from. Once I do that, then I will report that email to whoever owns the account….Microsoft, Google, Yahoo or whoever. I usually will get a reply first stating they received my complaint and fake email but many times I’ve received a follow up email that stated they did investigate the email I sent and they discovered it violated their terms of agreement so they shut down that email account. Granted, I realize once this is done, the spammer will just open up another email account and continue but at least I know that maybe I did something that at least inconvenienced the person that sent that email just as much as that email annoyed me. Anyway I say if you have the time do report offensive spam.

  17. I do take the tactic of John by reporting spam as abuse to various internet providers. GoDaddy is pretty good at shuting down a site, but unfortunately they just come from another. If you can make life a bit more inconvenient on these parasites, good.

    I have found one way of getting rid of some spam is to use social media. This works for some of the national companies that farm out email marketing. Two examples are a window blind company and a home security company. I went to their facebook page and posted on their profile and used Messenger to complain about these tactics. In another case, I received seven spam messages in a four hour span. I took a screen shot of my inbox, cropping out my info and asked them if they were proud of their marketing efforts. I also told them that if I ever needed their type of service, that they would be immediately ruled out. They did ask for my email and got me off the list. If enough people did this, it would at least give some legitimate companies pause to better scrutinize their email vendors. It won’t help with fly-by-nighters; but can cut down on some.

  18. I would like your opinion on automatically forwarding spam and any issues that can arise because of it. We have a work domain that receives lots of spam. We have recently upgraded to a new spam filter that gets most of it. I do wonder what happens to the spam that does get through, however. We have a few email addresses that are for the group that then get sent out to individual members. One of those members automatically forwards all of the emails to a personal account ( @oh.rr.com domain). My question is does the forwarding of the spam cause any negative consequences to my domain? I worry if the spam gets through, and then he marks it as spam from our domain in his personal server, does that give the other emails from our domain a “negative” rating? Or is it just on his personal account? Or is there any trigger that forwarding the email makes the initial domain email a more likely spam target?

    • Forwarding spam is a bad idea. I’ve experienced this myself. (I used to forward all email from @askleo.com to my gmail account.) The problem is that it makes it look like your server (askleo.com in my case) is sending spam. And yes, that can impact its reputation. In my case it means that forwards were throttled, and in the worst cases, blocked. The solution in my case was to not forward from askleo.com to gmail, but rather have gmail do a POP3 pickup from askleo.com. Problem solved.

      • That’s a great tip. I use Gmail to pick up my emails from all accounts and use POP3 for most of them. I have more accounts than Gmail’s Pop3 allows (or allowed when I set it up). The other 2, I forward directly to Gmail. I think I can get around this by setting up am interim Gmail account to pick up the other emails and download them to my real Gmail account via POP3 to avoid forwarding spam. It’s never been an issue as the other email accounts have pretty good spam filters and I don’t get much forwarded spam. They are also accounts which aren’t too important which I use for newsletters and sign-ups.

  19. I know I’m late to the party here but thought it worth mentioning that spam phone calls have gotten just as bad as spam email. I NEVER answer mine any longer. As sure as I do, I either get one of those aggravating hangups or some telemarketer blithering on about something I can’t possibly live without.

    I installed a call blocker allowing only a couple of exceptions and everything now goes to voice mail. My voice mail greeting informs them in a cheery voice that I’m currently out time traveling but if they’ll leave a message, their credit card, and pin number, I will gladly call them back yesterday.

    The bots just hang up but it’s funny to hear an actual human’s reaction to the message. LOL

    It totally ticks me off that I have to pay for this bloody phone but the scammers and spammers get to use it more than I do.

Leave a reply:

Before commenting please:

  • Read the article. Comments indicating you've not read the article will be removed.
  • Comment on the article. New question? Start with search, at the top of the page. Off-topic comments will be removed.
  • No personal information. Email addresses, phone numbers and such will be removed.
  • Add to the discussion. Comments that do not — typically off-topic or content-free comments — will be removed.

All comments containing links will be moderated before publication. Anything that looks the least bit like spam will be removed.

I want comments to be valuable for everyone, including those who come later and take the time to read.