Accessibility links
  • Skip to main content
News Icon NEWS FILTER
All News Scams & Phishing Security Education Videos Mobile Security Your Security Education Identity Theft Corporate Security
Search Icon SEARCH
 

Email Icon SUBSCRIBE TO WEEKLY NEWSLETTER
Spam Filters Won’t Save You All The Time
Facebook   X   LinkedIn   Email

Spam Filters Won’t Save You All The Time

May 26, 2025

Anti-spam filters are certainly a great tool for eliminating the barrage of unwanted email messages. However, those shouldn’t be the only ones in the security toolbox. Frankly, because as good as they are becoming, they’re still not catching all of the messages. Yes, anti-phishing measures are still improving, but as with most things in life, they aren’t 100% effective. In fact, the cybercriminals who phish us are getting better faster than those tools. That’s why filtering out malicious email using technological tools should be supplemented by training and education. And here’s why.

Legitimate email addresses can spam you

It’s not difficult to create an email address from a well-known email service. Doing so is free, after all, so if someone wants to phish, they can use a real address. Email from the large free services, such as Google or Yahoo, will most likely pass through spam filters because they are so widely used, even as company email addresses in some cases.

Cybercriminals will use this to their advantage by making up several of their own email addresses from free services and send off a barrage of messages. Very large lists of email addresses are for sale on the dark web all the time from data breaches such as from Ticketmaster, LinkedIn and any number other organizations. In fact, spam can show up in your email box, FROM YOU!

Spam filters are tested in advance

There are many free tools that analyze email to determine what is and is not spam. Spammers use these exact tools to test their messages in advance. They change the messages slightly and keep sending until they don’t get any red flags. Then they know their time won’t be wasted.

What you share is public

Spam filters have the ability to “learn” with whom users are corresponding and the attackers can harvest personal data off various social media like Facebook and LinkedIn to make matches. That’s why we’re always advising you not to overshare on social media or on any website for that matter. That will just give the scammers more information to create targeted messages to spearphish you.  If a message comes through addressed to a particular person from someone the spam filter has “seen” before, it may just get to your inbox. Personalized messages are still 40% more likely to get someone to click a link or open an attachment.

Spam filters trust too

Email messages come from servers with specific IP addresses. Spam filtering tools trust certain ones, such as those that come from Google, for example. They also know which ones they shouldn’t trust, such as those that come from university dorms, airports, and other public places. These are considered transient and are usually flagged by spam filters. However, ultimately IP addresses can go through a “warming up” phase and become more trusted by the tools. At that point, an attacker can use servers with these warmed up IP addresses, which will be more likely to pass by any defenses that are in place with a wave goodbye.

Phishing in all its forms (spear-phishing, whaling, vishing, etc.) continues to be very effective. In fact, it’s still the top way that malware succeeds in getting into a system or network.

No surprise, but we’re human. We have faults and we make mistakes. That’s why we will likely always be the weakest link in an organization’s defense strategy. The good news is that we can also be the strongest.

Just one person

All of this is why ongoing awareness training is so important for all of us. Threats evolve and change all the time and AI is only going to complicate matters. You can put all of the available technology to work and if just one person falls for a phishing lure, the network may be compromised.

It’s exciting to experiment with artificial intelligence and other technology tools, but they simply cannot keep humans from falling victim sometimes. Take time to properly learn how to avoid becoming a victim of phishing and you may end up saving your organization from a ransomware attack.

Phishing Phlags:

  • Unknown senders
  • Unexpected links and attachments
  • Spoofed email return address
  • A sense of urgency to the message
  • Spelling and grammar errors
  • Blurred or old graphics and images
  • Numbers in places of letters, such as a zero for an “o”

Not All Cookies Are Created Equal; Know When Not To Accept Them

Your Security

Not All Cookies Are Created Equal; Know When Not To Accept Them

It seems every webpage you land on these days has an “Accept Cookies” pop-up. After all, what’s the big deal about a few cookies, so we click “Accept” and move on. Well, turns out it’s a bigger deal to accept cookies than most users realize. Thinking twice before you accept them can help keep malicious and zombie cookies off your device, among other things. Who would ever think a few innocent cookies could be a bad thing, but unfortunately, many of them are. READ FULL STORY

Cool Off With Quick Social Engineering Refresher

Scams & Phishing

Cool Off With Quick Social Engineering Refresher

Let's dive into the world of social engineering and its impact on our lives, shall we? Brace yourself for a friendly reminder about this sneaky psychological manipulation technique that can really mess with your day. Picture this: someone cleverly exploits your mind to get you to do their bidding or spill sensitive information. It could never happen to you, right? Well, think again. Sometimes they sneak up on you and don't even know what's going on until it's too late. READ FULL STORY

Looking for Love? You Can Keep Your Heart Break-Free From These Scams

Scams & Phishing

Looking for Love? You Can Keep Your Heart Break-Free From These Scams

Valentine’s Day has come and gone, but love never leaves the air. So many are looking for love, or searching for a dinner or movie companion to combat lurking loneliness. It's always a good time to take a look at the various online dating scams that are always searching for your love and to provide a few tips on detecting them as well as others that may come up. There is no need to despair. There are signs to look for and ways to avoid being caught out by these scams and others. READ FULL STORY

Email And Clickbait Lead To Facebook Trouble

Scams & Phishing

Email And Clickbait Lead To Facebook Trouble

In 2022, there were more than 333 billion email messages exchanged. That’s according to the website Statista. And of those, roughly 36% are spam. While most email products are fairly good at detecting and sorting out spam for us, many unwanted messages still make it past the filters and into our inboxes. Many of those lead to scams, downloaded malware, or cause some other type of digital harm. But the scams and malware don’t stop at email spam. READ FULL STORY

Protect Yourself From Phishing Scams: 8 Steps To Better Security

Scams & Phishing

Protect Yourself From Phishing Scams: 8 Steps To Better Security

Since the mid 1990’s, email phishing scams have been on the rise. Like most cybercrimes, hackers have improved and refined their phishing methods over time. Now, there’s been a massive increase in targets due to the continuing coronavirus epidemic. Email phishing continues to be the method of choice for many cybercriminals to enter your device, steal your data, identity, finances, and more. A study by Tessian finds that 96% of phishing attacks arrive via email, showing the threat is very real. READ FULL STORY








Close
Fraud News & Alerts!

Keep up with the latest cyber security news through our weekly Fraud News & Alerts updates. Each week you will receive an email containing the latest cyber security news, tips and breach notifications.



You're all set!

You will receive your first official security update email within the next week.

A welcome email has also just been sent to you. If you do not receive this email within the next few minutes, please check your Junk box or spam filter to confirm our emails are not being blocked.


 
Help  
Enter any word or words you like.        

The email newsletter will arrive from news@stickleyonsecurity.com


Loading
Please wait...