Microsoft 365 - Learn about junk email and phishing
Junk email, also known as spam, is unsolicited email, usually commercial. It can strain networks, clog email servers, and fill mailboxes with unwanted and possibly offensive messages and images. Most of it is annoying, but harmless. Most junk email will be blocked by the email server that hosts your account.
Phishing is a specific kind of junk email that's used to obtain private information for use in identity theft and other scams. The email message appears to come from a trusted source, such as your bank, and often includes the actual business logo and an apparently legitimate reply address.
For more information about how to identify phishing email messages and how to protect yourself from them, see Learn how to recognize and report phishing.
"Graymail" or Bulk Mail
"Graymail" (of bulk mail) is generally characterized by newsletters, sales pitches, and stuff trying to pass as legitimate marketing. It's a result of your address(es) getting on marketing lists, and then being sold to other email marketers. These messages are particularly difficult to get classified as spam because they are usually being sent on behalf of otherwise legitimate companies (for varying degrees of "legitimate"), and there are many recipients who consider the messages completely legitimate.
'Backscatter' is the name given to bounceback messages generated when a spammer uses your mail address in the 'From:' line of their messages. This does not mean they have access to your account, however, if you feel your account has been compromised, please change your password. If the spammer's message can't be delivered for any reason, the receiving host will send back a bounce or non-delivery report to the address in the 'From:' line.
Backscatter messages takes several forms:
- DSN (Delivery Status Notification) advising that the message cannot be delivered - or that delivery is delayed.
- Auto-replies - often advising that the mailbox is no longer in use due to spam or that the recipient is on vacation.
- Challenge/response requesting that you confirm you sent the message.
If a spammer sends a large number of messages, you may receive literally hundreds or thousands of 'backscatter' messages.
When a spammer uses your address as the "From" address, but they are not sending from your account, this is called 'Spoofing.' This means that they are just using your address so it appears that you sent the message, though the header information will often display the true sending address. For more information about 'Spoofing', please review this article: http://lifehacker.com/how-spammers-spoof-your-email-address-and-how-to-prote-1579478914.
Important: There is not a way to stop 'Backscatter' or 'Spoofing' from occurring. However, spammers will eventually switch addresses, not out of respect for you, but simply because if they use the same address or domain for too long, spam filters will eventually start blocking it.
How do messages get identified as junk email/spam?
When a message arrives into Office 365, it is scanned by "SPAM/Anti-virus" software. It looks for specific aspects within the message and is then tagged with a specific spam rating between 1-10. If a message is tagged with a rating of 6 or higher, it will be moved into the "Junk Email" folder.
What can I do with messages in my "Junk Email" folder?
When you receive a message that might be junk email, it will be moved to your Junk Email folder. You can treat messages in your Junk Email folder like any other message.
There are a couple of options for dealing with legitimate spam in your "Junk Email" folder:
- Do nothing: Messages will automatically be deleted after 30 days. Important: There is a system wide policy in place for all Office 365 email accounts that will automatically delete messages that are older than 30 days from the "Junk Email" folder.
- Delete: Like any other message, you can delete it. Deleted messages will go into your "Deleted Items" folder.
Misidentified spam message
If a message in your Junk Email folder is one that you want to keep, you will be able to mark the item as not junk and the item will be moved to your inbox.
- Outlook on the web: Right click the item in your Junk folder you would like to keep and click Mark as not junk.
- Outlook Desktop Clients: Select an item in your Junk folder and from the ribbon click Junk and click Mark as Not Junk or Not Junk depending on the version of Outlook.
What can I do with spam messages in my "Inbox" folder?
If you believe the message should have been tagged as spam, review the following document: Microsoft 365 - Report Suspicious message.
How can I prevent getting spam and/or graymail?
The only way to not get spam is to make sure that spammers do not know your e-mail address or make them think that your account is not being read. There are many ways that you can try to limit the amount of spam you receive.
- Unsubscribe from the mailing list if the organization is reputable (you should be able to tell from their web site if they have one). Have you ever filled out one of those web forms and forget to check whether the "Send me Info" box was checked or unchecked? It's usually set on by default.
- Don't reply to spam messages and don't click the link that says "unsubscribe" if the company is not reputable. Spammers often use this to verify that your address is valid. They rarely remove your address from their mailing list; or if they do, then they may just put you on another list.
- Obtain a "throwaway" e-mail address. Use this address if you have to enter your email address in an form online. Check the account periodically to make sure that no legitimate messages get sent to that address. Options include Gmail, Yahoo, Hotmail, etc.
- Read web site privacy policies before submitting personal information. This will help you determine if the company is reputable enough to handle your private information. If you determine that the company may abuse this information, give them your "throwaway" address instead.
- Don't put your email address on a web page. Spammers use "spider" programs to scour the internet looking for email addresses. If you absolutely have to publish your real email address on a web page there are some ways to hide your address so that people can read it, but spider programs can't. Look up these tactics with your favorite search engine.
- Create custom rules If you can reliably detect a specific pattern or content within these messages, you can try creating a unique inbox rule to automatically detect and filter these messages. If you need assistance with this, you can look at the following document Microsoft 365 (Outlook on the web | Outlook for Windows/MacOS) - Using Inbox Rules.
- Create a block filter Mail identified as possible junk email can be automatically moved to the Junk Email folder. Learn more.
What else do I need to know?
- You can also use the junk email settings options to manage your junk mail: go to Outlook on the web | Settings | View All Outlook settings (if prompted) | Mail | Junk Email. You can add multiple email addresses, such as email@example.com, to the Blocked Senders and domains or Safe Senders and domains lists. You may also block or allow mail from an entire domain by adding it to either list. For example, to trust/allow email from anyone who has a contoso.com address, add contoso.com to the Safe Senders and domains list. Learn more.
- Note: When several hundred email addresses have been added to your Blocked Senders list, blocking of messages may become inconsistent. If more than 500 addresses have been added to your Blocked Senders list, mail blocking will no longer work. You will need to remove blocked addresses from the list to bring it below the limit for mail from blocked senders to be properly routed to your Junk Mail folder instead of your Inbox. Microsoft does not intend for the Blocked Senders list to house hundreds of addresses, and it is recommended that you keep the list as small as possible, only blocking senders you believe are likely to send again using that address. Keeping this list manageable at around 50 blocked addresses, is a good practice."
- Due to a recent change by Microsoft, you no longer can add other email accounts or domains that are within our UW-Madison Implementation of Microsoft 365 to your 'Safe Senders or domains'. Accounts in the Global Address List (GAL) are also considered safe senders. This does not apply to Contacts and MailUsers in the GAL.
- You can also move a message from the Junk Email folder to another folder by dragging it from the Junk Email folder to any other folder.
- If you right-click the Junk Email folder and click Empty, the contents of the Junk Email folder will be moved to the Deleted Items folder.
- If you are forwarding your account: All messages sent to your account, including spam, will get forwarded to destination account. This could cause the destination email system to reject the forwarded message because it may look even more spammy. If you are forwarding your UW-Madison Microsoft 365 account and are experiencing message delivery issues, please remove the forward.
- Focused Inbox feature may be right for you. Learn more.
- Learn how to create a good HTML email message.
- Why emails go into the junk/spam folder.
- How To Avoid Spam Filters When Sending Emails.
- Junk email filter limits.