published : 2023-09-28

Oops! you clicked on a spam email and added your info to what looked like a legit site

Practical steps to safeguard our digital self

A person sitting at a coffee table, holding a cup of coffee and looking at their laptop screen with a concerned expression. (Taken with Canon EOS 5D Mark IV)

Picture this: a serene morning with a cup of coffee in hand, skimming through emails, and suddenly, an alarming notification about an unpaid invoice from a service you don't recall using.

Or perhaps an email claiming you've won a massive sum from a lottery you never participated in. These are just the tip of the iceberg when it comes to spam emails. The allure of some of these scams can be hard to resist, but what really transpires when you engage with such emails?

When you respond to spam emails, it's like sending out a beacon—it primarily tells the sender that your email is active. This might sound like a small thing, but it's, in fact, a big deal. It means you've just made their job easier.

Now that they know they've got a 'live one' on the hook, they'll likely target you even more aggressively. You've become prime real estate in their database. They might sell or trade your email address with other shady characters, leading to an influx of unwanted emails.

By engaging with a spam email, even if it's just to say 'stop emailing me,' you're signaling that you might be susceptible to other forms of manipulation or deceit. Scammers often play a numbers game. By showing them you're attentive to their unsolicited messages, you've unwittingly increased your odds of getting even more spam emails.

Many unsolicited emails contain links leading to expertly crafted imitation websites. If you get tricked into providing details on these sites, you're essentially gifting your data to unknown entities. Moreover, certain spam emails contain harmful attachments. Upon downloading, these can introduce malware or spyware into your system.

Okay, so you unknowingly clicked on a link, provided your personal information on a website, or downloaded a malicious attachment. Here’s a breakdown of what can happen.

Unauthorized access: Cyber-criminals can take over your computer without your consent and use it for malicious purposes. This means they can access your computer, browse your files and even hijack your webcam or microphone. The invasion of privacy can be severe, with hackers gaining insights into personal photos and sensitive documents or even watching and listening to you without your knowledge.

A close-up shot of a person's hand hovering over a keyboard, with an email inbox on the computer screen showing a spam email. (Taken with Nikon D850)

Ransom attacks: Certain malware variants encrypt your files and ask for a ransom to release them. If you don't pay, you might lose access to crucial data. These are notoriously known as 'ransomware' attacks.

Crypto-mining: A more recent mischief from malware is crypto-mining, where the attacker uses the resources of your computer to mine cryptocurrency. This can slow down your system and even damage it due to the intensive processing power required for mining.

Propagation of malware: Your computer, once infected, can be used to send out further spam emails, spreading the malware to other unsuspecting victims.

It's vital to be cautious of emails that prompt you to download software or claim unexpected prizes. Adding urgency is a common tactic used by cyber scammers to bait victims. A good practice is to carefully inspect URLs, even minor spelling anomalies can hint at the email's deceptive nature.

A good telltale sign is if the tiny lock symbol is missing from the URL link. It probably is not secure and should not be fully trusted. Protecting your personal information is paramount. Thus, adopting proactive measures is non-negotiable.

Antivirus protection is your shield: An effective antivirus software is a must-have. The best way to protect yourself from having your data breached is to have antivirus protection installed on all your devices. Having good antivirus software allows you to be resilient against growing attacks by actively running on your devices. It’s the best to help stop and alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked.

Use identity theft protection: If malware gets onto your system, it's possible your personal information can become compromised and used to open up accounts in your name. To protect your identity, investing in identity theft protection is a smart move. Identity Theft protection companies can monitor personal information like your home title, Social Security number, phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

Strengthen passwords and embrace 2FA: Reusing passwords is a hacker's dream come true. Always diversify your passwords and employ 2-factor authentication for added security layers. Using password managers can also ensure that your credentials are sturdy and easily accessible.

A person holding a smartphone, looking puzzled while reading a suspicious email notification. (Taken with Sony α7 III)

Report the incident to the Federal Trade Commission online at or call 877-438-4338. This will help you create an Identity Theft Report, which is a statement of what happened and what accounts are affected.

Contact the three major credit reporting agencies: Equifax, Experian, and Transunion. Ask them to place fraud alerts and a credit freeze on your accounts. This will prevent new accounts from being opened in your name without your verification. You can also order free copies of your credit reports and review them for any errors or suspicious activity.

Contact the fraud department at your credit card issuers, bank and other places where you have accounts. Tell them what happened and ask them to close or freeze any accounts that were opened or tampered with by the identity thief. You may need to provide them with a copy of your Identity Theft Report or a police report.

Collect and keep any evidence related to the identity theft, such as the spam email, the fake site, any receipts or statements or any correspondence with the identity thief or the companies involved. This will help you prove your case and dispute any fraudulent charges or claims.

Monitor your credit reports, bank statements, and bills regularly for any signs of identity theft. If you notice any unauthorized or suspicious transactions, report them immediately to the appropriate company or agency.

Navigating the online world is a lot like traversing a bustling city full of opportunities and dangers. Just as you'd keep an eye on your belongings and avoid shady characters in a crowded place, you need to be watchful of where you click and whom you trust online. Spam emails are one of the most common and persistent threats that can lure you into scams or malware. Sure, we have our tech tools and safeguards, but just as in that crowded city, our wits and awareness often save the day.

What's the sneakiest scam email you've ever received? And more importantly, did it almost get you? Share your close calls by writing us on our website.