You could be in for more spam if you’re not careful.
Spammers love to know whether or not their messages reach real live people. Why? Well, it tells them that the email address they’re using is real and that it reaches a person who apparently reads their content. Knowing that an email address is real means that spammers target more spam at it.
There are three primary ways spammers can tell whether or not you looked at their message.
Fortunately, all three are in your control.
Keeping spammers in the dark
Spammers can tell when you open their messages in three ways: loading images, clicking links, or replying. Each one proves your address is real and invites more spam. The fix is simple: don’t load images, don’t click links, and never reply to spam.
Images
Images can be included in an email in either of two ways.
- Inline, meaning the image is literally encoded within the email message.
- Remotely, where the image is included in the email through a link. For example, the email might contain a reference to “https://img.askleomedia.com/leo3.png” rather than the actual image file itself. When the email is displayed, the image is fetched from that link.
The sender can tell that a remote image has been fetched. They cannot see anything relating to inline images.
In the remote example above, because I own img.askleomedia.com, I can see when the file leo3.png has been accessed. Further, if the image reference contains additional information, I’d see that too. For example, say the reference was something like this:
https://img.askleomedia.com/leo3.png?email=you@somerandomservice.com
In that case, I could see not only that the image was referenced, but that it was likely fetched by you@somerandomservice.com. I’ve used a blatantly obvious way to identify the email address, but it can be obfuscated in many, many different ways.
Spammers use this technique. If you display images in spam, you may signal the spammer that your email address reaches a real person. Expect more spam.
This is why most email programs default to not showing images in email messages: they’re preventing spammers from getting this information.
Help keep it going by becoming a Patron.
Links
Most spam tries to get you to click a link. We generally think of phishing examples, where the link leads to a page impersonating a legitimate service in the hopes that you won’t notice, try to sign in, and in so doing hand over your login credentials to the spammer.
But clicking any link in spam can be dangerous. At a minimum, the spammer can notice that it was clicked (by having it go to a destination they control). Much like the images discussed above, links can be encoded to include the email address at which you received the spam. The net result is that the spammer is notified that messages sent to that email address are read by a real person. Expect more spam.
This is why you frequently hear the advice to never click links in spam. (Even unsubscribe links.)
Replies
Replies seem the most obvious. If you reply to spam, you’re essentially telling the spammer, “I read your email, and by the way, here’s my email address in the From: field of this reply”.
People do this all the time. They reply to spammers telling them to stop. Or they set up some kind of auto-reply in the hopes that they’ll flood the spammer with replies. None of that is effective. All you’ve done is confirm that your email address is real and you read the email sent to it. Expect more spam.
Do this
You are in control of these actions.
- Don’t display images in an email message unless you’re certain of the message’s source.
- Don’t click links in spam or other suspicious email.
- Don’t reply to spam or other suspicious email.
This won’t stop spam, but it will avoid increasing the amount of spam you get.
No spam here! Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Thanks to you, Leo, I stopped clicking on Unsubscribe links. Before that, I noticed that, when I would unsubscribe from something, I would often immediately start receiving the same type of emails from another similar organization. Now I just mark anything that I didn’t subscribe to as junk or spam.
Hi Leo
I’m an Octogenarian and remember my Mum frying Spam slices for me when I was kid. The product was extremely popular (hence it’s Monty Python feature) and is still around today in the UK, although the computer version of spam is decidedly unpopular and potentially dangerous.
I’ve been using MailWasher Pro for over 20 years and find it an absolute ‘must have’ for email security and dealing with spam emails. I can’t recall you recommending it and wondered if you’ve used or reviewed the App?
Kind regards
David
Leo uses Gmail to retrieve emails from his other accounts to take advantage of Gmails great spam filter. Unfortunately, Google is removing that retrieve emails from other accounts feature soon.
I’ve already moved on. I use proton mail for some domains, and fastmail for others.
I used MailWasher for a while. It’s a fine solution for email providers whose spam filter is less than great.
Thanks Leo, Do you know if having images show when using Outlook Preview pane also signals the spammers? I generally see images in the preview pane but never click open the email and delete instead.
A displayed image is a displayed image regardless of where it’s displayed, so if a preview involves a remote fetch, then yes, spammers can see that. Most email programs do NOT display images by default, even in preview.
Thank you for this helpful information about how spammers can detect if I’ve opened their email …… and how to stop that!
I use Yahoo email and it has a ‘View raw message’ option which seems to show ‘metadata’ associated with the email rather than content visible when the email is opened. Does using this option let the sender know that I’ve viewed the email?
No. That doesn’t send any information to the spammer.
As email spamming became more sophisticated, I’ve adopted the habit of never opening any message from any unknown source, and never choosing to allow pictures to be displayed on those I preview. If the message uses a name that’s not me, or uses no name at all, I simply move it to the spam folder in my Thunderbird app, so it’s sent there on the server as well (I use IMAP for all my email accounts in Thunderbird). Since adopting this behavior, I’ve noticed that my spam mail has dropped significantly, although my G-Mail account seems to receive and pass through more spam than my outlook account!
Ernie