In today’s digital world, email phishing scams are one of the most common and dangerous threats to individuals and businesses. These deceptive emails attempt to trick recipients into revealing personal information, clicking on malicious links, or downloading harmful attachments. Phishing attacks can lead to identity theft, financial loss, and even security breaches for organizations. For Runbox users, these scams can specifically target your email account and compromise your sensitive data. But by staying vigilant and following a few key practices, you can protect yourself from these scams.
Spam these days is no joke. Keeping our inboxes tidy can feel like a full-time job, and just when you think you’ve got it under control, an unexpected twist occurs: legitimate emails end up in your Junk folder. Yes, we’re talking about the moment when you realize important messages are hiding away in spam purgatory, thanks to email clients like Apple Mail, Outlook and Thunderbird.
Last week we wrote about a dual spam filter approach using email clients and how to set this up. We also talk about how spam has increased dramatically lately, and the reasons why. Here we look at how legitimate emails can end up in the Junk folder
The Frustration of Missing Emails
We’ve all been there. You’re expecting an important email, maybe a project update or a message from a friend, and it never arrives. You check your inbox—nothing. You start to wonder if they even sent it. Then, on a whim, you dive into your Junk folder, and there they are. Emails you thought were lost, marked as spam by your email client.
But it gets even more frustrating. Sometimes you have already filtered these emails specifically. You added them on your allowlist (what we used to call whitelist) in your Runbox Webmail, meaning you’ve already done the work to ensure they reach your inbox. So, why does your email client override your careful training and send them to Junk anyway?
(more…)Many of us continue to face a frustrating challenge: an overwhelming influx of spam emails. This is when spam is more than just a nuisance – it becomes a real problem. Why are some inboxes inundated with spam? We look at why it’s happening and what you can do about it.
The Connection Between Data Breaches and Spam
Data breaches are alarmingly common, and stolen email addresses can be easily sold on the dark web. People who receive a lot of spam have often had their email addresses exposed on the dark web. There is a direct connection between data exposure and the amount of spam in our inbox.
The Role of Artificial Intelligence
AI is significantly contributing to the rise of spam emails by enabling spammers to automate content generation, craft personalized messages, and conduct targeted campaigns at an unprecedented scale. With advanced natural language processing, spammers can create convincing emails that evade traditional spam filters, while machine learning allows them to analyze data and segment audiences effectively.
The Reality of Online Sign-Ups
Every time you sign up for a service, your email address enters a database, and depending on the company’s privacy practices, that information can be at risk. It’s essential to approach online sign-ups with caution – consider using disposable email addresses for non-essential services and researching a company’s privacy policy. Being aware of the implications of online sign-ups is crucial for protecting your personal information.
Have I Been Pwned: A Crucial Resource
A valuable tools available is https://haveibeenpwned.com, a legitimate website where you can check if your email addresses have been compromised in known data breaches. By simply entering your email address, you can see if it has appeared in any breaches, along with details about the specific incidents.
(more…)You may have noticed that you’re getting a lot more spam email lately, which is frustrating and annoying. You diligently go through these emails and add them to your Spam filter, you block the sender, unsubscribe from mailing lists and so on. The spam emails keep coming…
Why it’s happening
- When we sign up for web sites we effectively give them permission to use our email. These companies may sell your email address to other companies who will in turn send you spam.
- Whenever there is a data breach on a website where you have subscribed to something, email addresses can be repeatedly sold to other spammers. You can check if your email has been been in a breach here: https://haveibeenpwned.com
- Spammers use mechanisms that allow their emails to go through the spam filter. They will use valid email addresses such as a @gmail account, create look-alike domains that will look like a legitimate company, or even spoof your own email address because many people whitelist their own address.
- Because of AI, spammers and phishers can very quickly create mass campaigns. Previously, spam was often easily spotted because of bad grammar and lack of personalization (goodbye Nigerian prince). Now, spammers use artificial intelligence to make spam and phishing more convincing, and they use social media, online behavior and public information to generate personalized campaigns. The result is that we are bombarded with spam.
What you can do
(more…)You can now train your Runbox spam filter using IMAP. Simply use your email program/app to move messages to your Spam folder to report them as spam, and move them from Spam to any other folder to report them as not spam.
IMAP training works for both the Dspam and the Cloudmark filters, the latter of which is in an open beta test. To join the beta test, just go to Manager > Filter and turn it on.
Yesterday we deployed our new web servers, which are powering the Runbox web app at https://runbox.com. There are a few changes and improvements that were deployed at the same time, and that we would like to tell you about.
New login screen
Among other things you may have noticed that the login procedure has changed. This is related to the roll-out of our new Account Security features, which include Two-Factor Authentication. We will post more about this soon, but the important thing to note is that the new login regime is more secure than before. This also completes our transition to a new, global authentication system which we have described previously.
If you have problems logging in
If you are experiencing problems logging in, please make sure that your browser has the latest version of the login screen. You can do this by pressing Ctrl + F5 on Windows and Cmd + R on macOS. If this doesn’t help, please try to clear your browser’s cache and restart it. If this doesn’t help or if you are unsure how to accomplish this, please contact Runbox Support.
There are a few other wrinkles on the new web servers that we are currently ironing out, and besides a more powerful and reliable webmail service we have also deployed a new spam filter.
New spam filter in beta
The new spam filter is powered by Cloudmark, which is one of the strongest authorities on spam analysis in the world. You can try out the new spam filter by going to Manager > Filter and selecting “Cloudmark (beta)” under “Detect junk mail”. If you are already using Dspam (the trainable spam filter) you can select “Both” to activate Cloudmark and Dspam.
The Cloudmark spam filter will automatically catch more spam by comparing spam signatures (fingerprints) with the central Cloudmark database. If you click “Not spam” or “Report spam” to correct spam filter behavior in the webmail, a report will be sent encrypted to the central Cloudmark service. Select “Train using reduced email details” to only send a message signature instead of the full message when reporting misclassified messages.
The Runbox Aero webmail theme
And if you haven’t already done so, we recommend that you try out the Runbox Aero webmail theme, which you can find in Webmail > Preferences. This theme has a more modern design and includes larger and more legible fonts.
More new features to come!
Finally, with the new web servers we have also established a streamlined deployment system that makes the path from development to production much more efficient. We won’t bore you with details, but we can say that you can expect more exciting features from Runbox going forward.
Recently we have been testing a new component to our spam filtering system. This component is powered by Cloudmark, one of the most popular and powerful spam filter systems available. We would now like to make Cloudmark available to more customers.
How Cloudmark works
Cloudmark is designed to detect known spam better and works as a central authority based on reporting by millions of Cloudmark users. It would help us improve our implementation of Cloudmark to have more Runbox users testing it.
Customers who are testing Cloudmark don’t need to do anything different in the way they use their email. However, we ask testers to report spam (or genuine mail) that is not classified correctly to a special Runbox email address.
No data is shared with a third party when using Cloudmark, as it’s running on Runbox’ own servers. Any reporting done by our customers is currently only going to Runbox itself. When we implement a reporting facility back to Cloudmark in the future it will be implemented as a clearly marked option.
How to start using Cloudmark
If you are interested in having Cloudmark added to your account, or wish to ask questions about it, please let us know at Runbox Support (support@nullrunbox.com).
New Spam Filter Servers
As part of our ongoing fight against spam, Runbox has recently deployed a new cluster of spam filter servers and made a few changes to how we deal with spam.
We now block a lot more spam by rejecting connections from servers that are known to send spam. Most of these connections are from virus infected computers, and it is relatively easy to identify these machines via their IP addresses.
Another change we’ve made is to upgrade SpamAssassin so that it performs more extensive checks of incoming mail.
This is the first among several steps we are taking to clear your Inbox of spam, and we will post more news about this in the near future.
Changes to Bulk Mailing Policy
We’ve also decided to tighten our policies on bulk mailing using Runbox’ outgoing email servers to prevent Runbox from ending up on blacklists used by other email services.
As email use continues to grow and more people around the world are online, so does the amount of email sent for marketing and promotional reasons. Often mailing lists are badly managed and people receive email they no longer want, so they mark them as spam instead of unsubscribing from them.
Meanwhile spam systems are getting smarter, and email providers create statistics from the actions of their customers. If a customer marks a message as spam (whether it is spam or not), this is recorded in a database, and it can result in those domains and server IP addresses being blocked.
Only a very small number of Runbox customers use our services for marketing and promotional messages, but this can still have an adverse affect on all Runbox customers. Therefore we have decided that Runbox can no longer be used for bulk mailing, and we are now changing our Terms of Service to reflect this.
If you are using, or are planning to use, Runbox for bulk mailings, please see our page about Bulk Mailing and contact Runbox Support.
Over the past 8-10 days we have seen a significant surge in incoming spam, especially about weight loss.
We are working to reject more of this type of spam centrally, and hope to have achieved this as of today.
But if your account is still severely affected, there are things you can do to improve the situation meanwhile:
Most of our customers report that their spam filter does catch the spam, but that going through the Spam folder looking for legitimate messages becomes too big a task due to the large number of spam messages.
If this is affecting you, please see the following article on how to set up an extra filter to separate the very obvious spam from the messages the spam filter is less certain about and that you should review manually: https://help.runbox.com/avoid-sorting-through-spam-for-legitimate-email/
If your spam filter doesn’t catch this type of spam, please make sure that your Trainable Spam Filter is enabled in Manager:Filter, and that you train any missed spam mails using the Report Spam button.
Some users may have had mails bounce recently with an error referring to a blacklist called ips.backscatterer.org, or no clear error at all. This is caused by the sole blacklist runbox’ mailserver IP address is on, which is a list which only blacklists mail servers for handling mail bounces in certain ways. Many other mail servers does it in the same way we do, but our large volume and problems with the IMAP bandwidth quota (now solved) have probably caused us to be on this list on and off for years.
This is NOT a spammer blacklist in other words, and it is irresponsible and uninformed to bounce mails based on any single IP blacklist, but especially this one. And recently, it seems that far more services use this list in such a manner. If your mails have bounced from a domain where you have contacts, we recommend sending them the following link:
http://www.backscatterer.org/?target=usage
We may become delisted as of Oct 12, and will update this post then if so.
UPDATE: We are currently delisted, but will update this post if we are re-listed.