Is It Safe to Look, Just Look, at Spam?

Maybe.

by

Curious about what’s hiding in your spam folder, but worried a single click could infect your computer? I'll explain the simple rules that keep you protected and how to view raw message source safely.
an individual looking at the source code a spam email through a magnifying glass.
(Image: Google AI)
Question: I’m interested in looking at what junk and spam I’m getting without jeopardizing myself. So I download mail in Gmail and Hotmail messages in my email program and read them there. Both are good at weeding out spam and junk. They keep these for 30 days and then delete them. I want to read these at least on the Gmail or Hotmail webpages — just read and not click on anything. Is this dangerous? Might I get a malware or spyware foisted on me without my knowledge?

In other words, is opening and reading a message suspected to be spam dangerous?

While there’s always risk, it’s not nearly as bad as it once was. As long as you follow a few precautions, you’re typically safe.

TL;DR:

Looking at spam

You can usually look at spam without getting infected, but you still need to be careful. Don’t click links, even unsubscribe links. Don’t show images, don’t download attachments, and don’t reply. If you’re curious, you can view the message source to investigate safely.

Don’t click on links

You’ve covered this in your question, but I want to emphasize it: never click on a link in suspected spam, even if that link says “unsubscribe”. There’s no unsubscribing from spam, and a link that tells you otherwise is lying. Spammers lie.

The risk is that you’ll be taken to a malicious website. In the worst case, you might download malware. You may land on a phishing site: a page designed to look like an official site you probably use, and fool you into entering your sign-in credentials. That’s handing over your credentials to a spammer.

Ask Leo! is Ad-Free!
Help keep it going by becoming a Patron.

Don’t display images

It can be tempting to wonder what the images accompanying a message might show. Resist the temptation.

The images themselves are rarely malicious these days, but the act of displaying them can signal to the spammer that your email address is legit and read by a real person. The net result: more spam.

Don’t download attachments

Many spam emails include attachments as part of their attempts to fool you. The email may look like a legitimate message asking you to open the attachment for more information or details about some supposedly serious situation.

The attachment has malware. Hopefully, downloading it to your PC will cause your anti-malware tools to flag it as such, but we can’t count on that. Don’t download it, and don’t open it if you do.

Don’t reply

Replying to spam tells the spammer that your email address is legit and read by a real person. Again, the result: more spam.

It’s tempting to reply to spam in an attempt to tell the spammer to stop (or worse). There are many problems with doing so. To begin with, even if they do read your email, they’re not going to pay attention to it. Very often, spam is crafted in such a way that a reply goes to some innocent third party who has nothing to do with it at all.

Spam curiosity

I tend to look at suspected spam from time to time when I’m curious about where it came from or if I’m investigating whether it actually is spam.

I’ll open it to view, and following my advice above:

  • I don’t click any links.
  • I don’t display the images (no matter how curious I might be).
  • I don’t download any attachments.
  • I don’t reply to it.

What I will do is view the source code.

Email source

Email is generally encoded in two sections:

  1. The headers, which control and document how the message is routed across the internet.
  2. The body, which is typically the HTML code that makes up the message you see.

Most headers, other than the To:, From:, Date:, Subject:, and perhaps other common fields, are not displayed. They’re technical details you normally don’t need to see.

The body is displayed as the rendered HTML, meaning that you see the message rather than the raw HTML1 code that makes up the message.

But you can choose to look at the “behind the scenes” message, its source code.

Viewing email source

How you view the source, original, raw, or headers code — all terms that refer to the email source code — depends on the mail interface you’re using.

Consider this “suspect” spam.

Suspected spam.
Suspected spam. Click for larger image. (Screenshot: askleo.com)

In my email interface2, clicking on the “Actions” menu gives me the option I’m looking for.

Actions menu with "Show raw message" highlighted.
Action menu with “Show raw message” highlighted. (Screenshot: askleo.com)

I click on Show raw message, and here’s what I see.

Raw email message.
Raw email message. Click for larger image. (Screenshot: askleo.com)

That’s the first of 837 lines of information in the raw message. You can see it starts with various notations about spam detection, where the message came from, and more. Eventually (perhaps halfway down), the actual message body is included as well.

It’s this information that gets analyzed when the computer decides if something is or is not spam.

The good news here is that this, too, is safe to look at if you’re so inclined. As long as you don’t act on any of the URLs or email addresses you find in the message source code, you’re fine.

Do this

For the most part, there’s little reason to examine spam, but I get that we’re often curious. It’s safe to do as long as you follow the “don’ts” listed above.

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Footnotes & References

1: Or other. There are several standard encoding methods, but HTML is probably the most common these days.

2: Fastmail.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Additional information is available at https://askleo.com/creative-commons-license/.