Oh no! You accidentally clicked on a spam message in your inbox. You closed it quickly, but now you might wonder what happens if you open spam email? Is it unsafe to have clicked on one of the messages? Is opening an email dangerous?
There is little danger to opening a spam message as long as users do not open links or attachments. If your email app or webmail automatically loads images, some tracking can occur. Downloading attached files or clicking linked text or images opens users to threats like malware, ransomware, or phishing.
We’ve all been warned to watch out for suspicious emails. Even when we have a sound spam detection system, the occasional email will make it to our inbox and even under an accidental click.
Let’s go over what happens if you open a spam email on iPhone, or Android, webmail, or email client.. We’ll also detail ways to protect your account.
Before Spam Arrives In Your Inbox
Spammers gain a little insight even before their message reaches your inbox.
An email sent to an invalid address will be rejected and bounced back to the sender. Spammers know that your email account is valid by watching for bounces.
Unfortunately, there’s not a great way to defend against this. Fake bounce, auto-responders are ineffective.
Most users have their email address tightly linked to their actual inboxes. This means we cannot prevent a spammer from discovering your email address is valid.
Heads up: Later, we’ll go over ways to separate your email address from your actual mailbox where you manage emails.
What happens next is scary, but there’s a straightforward solution.
Clicked A Phishing Link? Here’s W...
Clicked A Phishing Link? Here’s What Happens And What To Do Now
Can spammers tell if you open an email?
Spammers can tell if you open an email when you or your email application interact with their message. When your webmail or mobile email app automatically downloads remote resources like photos or graphics, the spam sender immediately knows their content was viewed.
Most email users prefer auto-loading images, so emails look nice when they click to read messages. This is a mistake when it comes to defending against spammers.
How does this work:
A spammer designs an email with embedded images to make the message look professional. They host or store these photos or graphics on their server. When your email app, mail reader program, or webmail requests these images, the sender receives numerous data points while sending the email’s graphic elements.
Here’s a list of the most common bits of information revealed when you auto-load images:
- IP Address: This is the internet address of your home router, cellular provider, or work connection that can be used to derive the following:
- The approximate geographic location is usually down to a city level.
- Your internet service or mobile phone provider.
- If you’re at work, the spammer can find the name of your company.
- The type of connection you’re using, like DSL, fiber optic, mobile data, etc.
- Device type like a mobile, tablet, desktop/laptop.
- Operating system like Windows, Mac, Chromebook, or Linux.
- Which browser or mail reader app you use.
- Device time and time zone.
- Screen size.
- Device language.
The way to stop giving this type of metadata to spammers is to turn off automatic image downloading in your mobile email app, desktop email client, or webmail. Most services offer this function. Remember to avoid opening suspicious emails. When in doubt hit delete. Once you do that you close the door to possible harm.
Later on, we’ll give you quick instructions on stopping auto-loading images for some popular email apps and webmail sites. But, what happens next if you open a spam text?
The same rules also apply to opening suspicious texts. A spam text message can install malware that can collect information from your phone. Once the cybercriminals have your information, it can be sold to marketers or even identity thieves.
When You Reply or Forward Spam
Comedian James Veitch gave a hilarious Ted Talk on what happens when you reply to spam.
It’s obvious that it’s not a good idea to directly reply to spam emails despite Mr. Veitch’s sketch from above.
You confirm that you’re a willing participant in an email conversation with fraudsters in the least severe instances.
In the worst scenarios, you could inadvertently give away personal information that can compromise youronline privacyor security.
For the instances when you receive an email from one of your known contacts that looks suspicious, it is best to start a new email or instant message/text your contact. Use this new, separate channel to ask if they sent an email with the suspect subject. Do not reply or attach the original spam email.
However, the worst thing you can do after opening a spam email is the most dangerous.
Opening an Attachment or Clicking a Link
Can you get a virus just by opening an email?
It is not typically possible to get a virus just by opening an email. The programming behind emails is too basic, requiring attached or remote resources to load. Users need to click a link or open an attachment from a malicious message to start an infection on their computer or smartphone device.
Some dangerous files are fairly obvious such as zip files or executables like programs or mobile apps. These should never be opened unless received from a highly trusted and confirmed sender.
Other attackers send spam containing files whose native format includes automation. For example,PDFs can contain viruses.
The fortunate problem with sending malware as an attachment is that many email systems have sophisticated detection software that scans attachments to find viruses or other malicious files.
This works against most attackers. Spammers instead entice users to click a text or image link.
Deceptive Text or Image Links
Links within emails are an invaluable tool for most legitimate situations.
Emails are size-restricted and do not have automatic or dynamic content updates. It’s often more efficient to send a user to a web page containing the most up-to-date information.
A link can be a bit of text or a clickable image. This hides the destination, which may be an internet site operated by spammers or fraudsters.
Over the years, there have been several very creative ways to fool the average email user. Many of these attacks work by exploiting users’ inattentiveness to internet addresses. These are often linking to a phishing website or a remotely-hosted piece of malware from a site posing as a valid and well-known site.
Here, I’ll pick on GoDaddy as an example only.
- Purpose-Registered Domains:GoDaddyInvoicing.com
- Typo Domains:GoDady.com
- Look-Alike Domains:GoDаddy.com[replaced the English letter “a” (U+0061) with the Cyrillic letter “а” (U+0430)]
- Sub-Domaining: invoice.GoDaddy.com.xfqfk3r.host
- DNS Poisoning: Requires an attack at top-level domain lookups to replace the IP address ofGoDaddy.comwith an attacker’s address. This propagates across the Internet for a short time.
Opened a Spam Email on Android?
Here is what to do if you open a suspicious email attachment or email:
Disconnect Your Device
Disconnect your phone from the internet. This will reduce the risk of malware collecting and sending data from your phone. It will also prevent the malware from spreading to other synchronized devices or someone from accessing your phone remotely. Or you can simply enable Airplane Mode.
Perform System Scan
Run a scan of your android device with reliable antivirus software. It is a protective layer that helps keep malware off. Follow all the instructions to do a full search of your device and quarantine or remove any virus. If you don’t already have anti-malware, you can safely install one from the Google Play Store.
Change All Passwords to Avoid Further Damage
Malware is good at collecting data such as bank account numbers, credit card numbers, usernames, and passwords. So, change all passwords for shopping accounts, online banking, social media, and email. And do not use the same password for all your online accounts unless you want to make accessing your accounts a walk in the park. The smartest way to do it is to use a password manager. It allows you to safely store unique, passwords for your accounts.
Can You Get a Virus from Opening an Email in Gmail?
No, you can’t get a virus by just opening an email in Gmail or any other provider. Clicking on links and attachments is where there is a problem. Some emails have attachments and programs as links and attachments to malicious sites awash with scams and malware. Only open attachments that you trust. Even if somebody you know sends you a file with a .exe or any other similar program, don’t open it. Also, do not run any programs that try to download directly onto your computer after clicking on a link.
That said, Gmail uses a proprietary virus scanner to scan all emails. The application blocks any email that it finds a virus in or a suspicious file.
What if I Opened a Spam Email on my iPhone?
iPhone can’t get viruses. iOS viruses are only theoretical, not practical. If your iPhone says it has malware or virus, it is most likely something else.
What do you do when you open a spam email?
- Close email messages without clicking links or opening attachments.
- Mark the email as spam or junk to help train detection software.
- Run a malware or virus scan on your desktop or laptop computer.
- Watch for emails or texts from friends, family, or colleagues about strange emails.
- Notify a manager or IT department staff member in a work environment.
A few more quick tips:
- Be suspicious of emails from your contacts with odd subjects, or the email body text isnot right.
- Use throwaway email addresses fromNadaorSimpleLogin
- Turn off auto-loading images in your email app or webmail
Turning off automatic image loading in desktop, mobile, and webmail services increases security. This results in the need to manually click a link or button in each email message to load externally hosted graphics.
This is an excellent extra step despite emails looking a little bland. It allows you to decide each time if you’re willing to risk your privacy and security.
The following are the most common email application or webmail sites and how to turn off automatic image loading.
Desktop/Laptop Email Clients
- Open the Outlook application.
- Click on the File tab.
- Select the Options link on the left navigation.
- Select the Trusted Center option on the left in the dialog that appears.
- Click the Trust Center Settings button on the main panel.
- Select Automatic Download from the left-hand options list.
- Put a checkmark on the option reading: “Don’t download pictures automatically in HTML email messages or RSS items”.
- Add a checkmark to the option for: “Don’t download pictures in encrypted or signed HTML email messages”.
- Open the Mail app on your Mac.
- Click the Mail menu option and select Preferences.
- Go to the Viewing tab.
- Remove the checkmark next to the option: “Load remote content in messages”.
- Open the Thunderbird email client.
- Click the menu (hamburger) icon in the upper-right.
- Choose the Preferences option.
- Click the Privacy & Security in the left-hand navigation.
- Find the subsection called Mail Content.
- Uncheck/remove the check from the option: Allow remote content in messages.
- Open a web browser to yourGmail.comaccount.
- Click the Setting gear/cog icon in the upper right.
- Select the See All Settings button.
- Find the Images section on the General tab.
- Change the radio button to the option: “Ask before displaying external images”.
- Scroll to the bottom and click the Save Changes button.
Outlook / Office 365
- Open a web browser to your personal or company Outlook webmail.
- Click the Setting gear/cog icon in the upper right.
- Type in the Search box the keyword: “External”.
- Click the External Images settings result.
- Find the External Images sub-section on the right pane.
- Change the radio toggle to the option: “Don’t use the Outlook service to load images”.
- Open a web browser to your Yahoo Mail.
- Click the Setting gear/cog icon in the upper right.
- Select the More Settings link in the popup pane.
- Select Security and Privacy in the left pane.
- Click the Viewing Email option on the left navigation.
- Find the sub-section called: “Show images in messages”.
- Toggle to the radio button reading: “Ask before showing external images”.
Mobile Email Apps
- Open the Gmail app.
- Tap the menu (hamburger) icon in the upper-left.
- Tap Settings then your account.
- Find the sub-section called: “Data usage” (Android) or “Images” (iOS).
- Set the option reading: “Ask before showing”.
- Tap the account icon in the upper-left corner.
- Tap the Setting gear/cog icon in the lower left.
- Find and tap your Mail account.
- Toggle on the option: “Block external images”.
- Go into the Settings app.
- Scroll down and tap the Mail setting.
- Find the Messages subsection.
- Turn off the toggle switch: “Load Remote Images”.
Merely opening a spam email doesn’t have the dangers it once did, especially if you’ve configured your email app or webmail as we’ve described.
If you’ve clicked into a message accidentally, simply close and mark it as spam or delete it. You’re safe as long as you’ve not clicked an attachment or link within the email.
Run your computer’s malware scan if you’ve opened a spam attachment or clicked on a text or image link that opened your browser to a website.
Become more vigilant and skeptical when reading email subject lines.
Clicking on a phishing link or opening an attachment in one of these messages may install malware, like viruses, spyware or ransomware, on your device. This is all done behind the scenes, so it is undetectable to the average user.
Don't open any attachment(s) from someone you don't know. If you receive an email from an unknown sender, delete it immediately or report it to your mail service provider. Even if it is someone you know, be careful about attachments.
There are a variety of problems you could encounter with email: dangerous file attachments, scams that try to take your money, phishing emails that attempt to steal your personal data, and links to dangerous websites. However, just opening an email shouldn't cause any problems.
It depends. Scammers will be able to tell that you opened an email if you download any attachments or click any links (which you should NEVER do), or if your email client automatically loads any images that are embedded in the message.
Disconnect from the internet immediately.
This is to isolate your machine from infecting other devices and to cut off access to your machine from the hacker. This may help contain the malware infection. If you are on a wired connection, unplug. If you are on a Wi-Fi connection, disconnect from the Wi-fi in settings.
- Dangerous File Extensions. ...
- Encrypted Archive Files. ...
- Who Sent the Email? ...
- Strange Filenames. ...
- Study the Contents of the Email. ...
- Use Your Antivirus Suite. ...
- Always Keep a Healthy Suspicion With Emails.
An attachment can be any type of file, but the most common ones are text documents and images (photos etc).
- Look for Unfamiliar Apps. One of the easiest ways to check your iPhone for a virus or malware is by determine whether you have any unfamiliar apps on your phone. ...
- Check if Your Device Is Jailbroken. ...
- Find Out if You Have Any Large Bills. ...
- Look at Your Storage Space.
Download free mobile antivirus.
The best way to check for malware on your phone is to use a mobile security app like free AVG Antivirus for Android.
As Garry Brownrigg, CEO & Founder of QuickSilk, explains, “They can 'spoof' an email message with a forged sender address – they don't even need your password for this.” The things they send can be anything from harmful malware to scams and requests for money; either way, you'd certainly rather they didn't come from ...
Can I get a virus by reading my email messages? Most viruses, Trojan horses, and worms are activated when you open an attachment or click a link contained in an email message. If your email client allows scripting, then it is possible to get a virus by simply opening a message.
Yes. There are some types of emails that can cause damage immediately upon opening, but if you know what to look for, you'll usually be able to avoid them. This typically happens when an email allows scripting, which allows the hacker to insert a virus or malware directly into the email.
A questionable email alone is unlikely to infect your phone, but you can get malware from opening an email on your phone if you actively accept or trigger a download. As with text messages, the damage is done when you download an infected attachment from an email or click a link to a malicious website.
If you clicked on a phishing link that took you to a spoofed page and did not enter any personal information or credentials, then you should be fine. However, one danger is that scammers usually know whether or not you clicked on the link. So, they may determine you're a good target to continue pursuing.