Say goodby to spam... or at least, give it a try! Here are some tips for quieting your inbox and your phone
Transcript
Davis: Hay, Dan. I think I got my irritation across in our last episode about spam text messages and spam phone calls. They are the bane of my existence, to some extent. So how do I stop this all from happening?
Dan: We definitely both get frustrated by these spam messages. It’s hard to stop because there’s no gatekeeper to text messages, which is also what makes them great. They’re interoperable and you can use them to reach everyone in the world.
The best advice I have for good old [Glossary=”SMS”]SMS[/Glossary] is to find the setting that hides messages from people that you don’t know or have in your contact list. The message will still arrive, but you won’t see it unless you go to look for it. Sort of like a spam folder for text messages. There is something to be said for keeping your phone’s contact list up to date, though, because it means the difference between seeing the messages and calls from people you know, and not having them get buried in a hidden state.
Davis: Thanks so much, Dan. I had not considered creating a spam folder for text messages, and I’m going to do that as soon as I get off the line with you today. If memory serves, you mentioned directories of phone numbers in our last episode. How do I get my email addresses and phone numbers off of those directories?
The best advice I have for good old SMS is to find the setting that hides messages from people that you don’t know or have in your contact list. The message will still arrive, but you won’t see it unless you go to look for it.
Dan: This is purposely not easy. Purposely because the people who create lists and collect consumer data about Americans make their living by keeping this type of data in their lists. You can, however, request from each individual provider that your data be excluded from the data they sell. They do have to oblige if they’re a law-abiding company but it may take a long or be a time-consuming process, or it might take a while to take effect. Search for lists of consumer data companies and begin to tick them off one by one. There are services that claim to do this for you for a fee, but I don’t know of any that I’d trust to do this on my behalf.
Davis: Yeah, you’re probably right. And that also means more tasks on our privacy to-do list. It seems like it never ends. But how effective is the Do Not Call Registry? Remember when that was a thing? Is it still actually around?
Dan: It is still a real thing, and it’s worth doing. There’s a hefty fine in the US for violating the Do Not Call Registry, so I found it does work well, but it’s not perfect. There are some groups that are not required to adhere to the list. But take a look on donotcall.gov to learn more.
Davis: Thank you. So let’s talk about emails, which is my favorite topic and I’m sure it’s yours too. By and large our email providers are catching these things and marking them as spam. But in other cases, there’s an option to click the “unsubscribe” button on unwanted emails. How often are these emails actually spam? And is it safe to click the unsubscribe button on what appears to be a mass email?
Dan: Here I have to give a favorite answer of mine and of lawyers: it depends. Sometimes, the “unsubscribe” links at the bottom of emails are used by attackers to gather intelligence about whether your email address is live, and also can be used in a similar manner to any link you click from a bad actor, a way to convey malware, or take you to a site you didn’t expect.
However, if the email comes from a reputable source and the domain matches [you should be good to go]. For example, you don’t want to receive emails from your local grocery store, and you use the techniques we discussed in the last episode to confirm it actually came from your local grocer, then you can likely click the “unsubscribe” button safely and exit their marketing mailing list.
But if you get a random email from a prince in a faraway country promising you unrealistic wealth, don’t use the included “unsubscribe” link if there even is one. If there’s an email you don’t want to get any longer but aren’t confident enough to use the unsubscribe link, you can also use your mail application to create rules to redirect messages from that source straight to the delete folder.
Search for lists of consumer data companies and begin to tick them off one by one. There are services that claim to do this for you for a fee, but I don’t know of any that I’d trust to do this on my behalf.
Davis: Yeah, that is another round of excellent advice, thanks so much.
So this is a total humble brag, but I got a promotion last a couple months ago and now I’m a “director,” which sounds very fancy but I assure you it’s basically the same job. And I’ve noticed since then that I’m getting more and more requests for my time and energy from people that look like they’re writing personal emails to me, but may actually be sent en masse. Does telling the sender, does replying to the sender and saying, “please remove me from your list” actually get people to get me off their list?
Dan: It may. This is mostly due to how some of the world’s spam and data protection laws are written to specifically address mass mailings. So a trend lately seems to be that sales people, on behalf of their marketing teams, are doing more direct one-to-one emailing, which is not held under the same scrutiny, even though the content may be exactly the same. If this is happening as part of a marketing campaign, even if sent directly by Bob Jones the sales person, they and the organization have to comply with any applicable privacy or spam laws. If you can confirm the sender is actually being part of that organization, then feel free to reply and say “you know what, I don’t really want any more marketing from you. Please opt me out from all future materials” and they likely will do so.
Davis: Okay, so that’s both my worst case scenario and my best case scenario in one answer, so thanks so much for that. But if things get really out of hand, should I change my email address? Should I change my phone number? What is like defcon scenario for these things?
Dan: Well, you can and it may help. And you certainly can try. But also be aware that the pool of numbers to choose your new phone number from may contain one that somebody in the next town over released for the exact same reason. So it may be better or it may very well be worse. I have one phone line that this problem has only gotten worse with each number change.
Now email is a little easier to find a new silent home, but you will still have the chore of telling people about your new email address. When you change either your phone number or your email, also remember that if you have multi-step authentication tied to those addresses and numbers, and if you cease to have access to them, you may also have trouble getting into the services you use every day. If you do shift away from a number or an email address, make sure you have all related access changed to the new locations before you turn off either the account or the phone line.
Davis: Thank you so much, Dan. I’m not quite to the stage where I’m ready to give up my email address or my phone number just yet, but if and when I do come to that point, I’ll be sure to revisit this video. So thanks so much for that, and I’ll see you in the next one,
Further Reading
Big Ass Data Broker Opt-Out List
Yael Grauer's guide to removing your personal data from sites run by data brokers or companies that sell bulk access to your personal information. This list is updated regularlydonotcall.gov
The National Do Not Call Registry from the Federal Trade Commission
Contributor Bios
- Daniel Ayala is a leader in the fields of information security, risk, and data privacy. He is Chief Security and Trust Officer at Dotmatics, hosts The Great Security Debate Podcast, and founded Mentor Core, an organization that seeks to bring together mentors and protégés from across the risk and compliance profession. Learn more about Dan's work at https://danielayala.com/.
- Davis Erin Anderson is Director of Programs and Partnerships at METRO Library Council.
- This project is funded by the Mayor’s Office of the Chief Technology Officer, and produced in collaboration with Brooklyn Public Library, The New York Public Library, and Queens Public Library.