How do i identify spam emails?

In today’s world of fast paced electronic mail, everyone with an email address will have at some point received a spam email. Some email addresses that have been around a long time, have been given out to multiple different organisations and/or have potentially been sold on dozens of times, can receive hundreds of spam emails in a week. Whilst most web hosts will have precautions in place to filter out many of these emails, as technology advances, so do the spammers and it is now becoming harder to spot these emails. If you have been a victim of spam (unsolicited commercial email), or are worried about becoming a victim, below I talk about how you can spot a spam email, steps you can take to protect your email address and what action you can take against those sending the email.

The first step in correctly identifying spam emails, is to ask yourself ‘was I expecting this email’. If the answer is no, then you need to take a closer look. Do you recognise the sender? Even if you recognise the company name, always check the ‘Sent From’ field. Spam email addresses will often start with what looks like an official company name, but will then be followed by a series of random letters and numbers.

Spam emails often come with a lot of spelling or grammatical errors or can be worded in a way that just doesn’t seem as if it would come from a legitimate company. If in doubt, never click any links (even to unsubscribe) and mark the email as Spam. Marking an email as spam helps the email provider to identify the sender and ensure that future emails from that sender go straight into your spam folder.



The following sections explain different indications that a spam email is coming from a web host and how they are often misleading.


The sender of the Spam email has an email address ending in (Example): or, often sent using a spoofed email address. We do not send spam, do not maintain a list of its users for spammers, and do not sell such lists to third parties. The addresses in the “To” and “From” fields are easily faked, and do not mean that we created or sent the spam. To find the real sender, you need to look at all of the email’s headers and you can report suspicious emails to the National Cyber Security Centre by forwarding them to



Spam sent via a server, could have been sent using a free forwarding service. Email from that domain could therefore be redirected and then relayed to the address specified by the domain’s owner. Such a practice would hinder the smooth operation of the technical and general services of any IT organisation but eventually this action would only lead to more complaints, and would be grounds for the suspension or termination of the domain name in question.


Host companies are the accredited registrar for every extension. Web hosts register domain names on behalf of its users. The use of a domain name purchased, is decided by the owner of the domain. If reported, most host companies can take direct action against the domain owner or domain name.



Spam is a difficult problem to manage, but there are a few actions you might be able to take against a spammer.

You can file a complaint with the web host used by the spammer. If you are having difficulties in identifying the web host of the spammer, this information can be found on WHOIS website. You can report the spam to the web host, In the hope that they may send a warning to the domain owner or at best deactivate their email account or website. Please feel free to contact WHOIS directly and they may be able to assist you.


Email Protection: With regards to private domain extensions, contact information can be found in the WHOIS database. This applies to all email addresses. A good way to protect your private email address would be to request that they enable anti-spam protection. Anti-Spam protection is usually free, harmless and can be reversed: This action, using an encryption system would drastically reduce the amount of Spam emails you receive moving forward.


Taking Action: You can also report the Spam email address or website to the National Cyber Security Centre via this email The NCSC do have authority and are trained to handle such situations. This is in relation to assistance in the UK.



As with any ICANN-accredited registrar, web hosts must assure that the information present on WHOIS is valid. Invalid information should quickly be reported to WHOIS. If the information provided to WHOIS regarding the Spam domain name is incorrect, WHOIS will now legally have the power to request up to date information, and this would have to be provided within a period of 14-21 days, if not provided; The Spam domain could be put on hold or permanently deleted.



Some of the most common scams reported to Action Fraud, involve fraudsters connecting remotely to the victim’s computer. Never allow remote access to your computer following an unsolicited call, text message or browser pop-up. Only install software or grant remote access to your computer if you are asked by someone you know and trust.

You can report these types of scams to Action Fraud UK.

Written By Patrick .A Tech IOSH