Spam Emails and Phishing Scams: An Unexpected Solution by IT Experts

Different email clients have different levels of spam exclusion?

“The two American companies, Google and Microsoft, regard spam countermeasures as a critical issue and are fighting against adversaries worldwide. Their scale of revenue is fundamentally different from other companies.”

These are the words of Yuugo Fujita, the representative of Cyber Research (Suginami Ward, Tokyo), which supports cybersecurity measures. Google offers the email service “Gmail,” while Microsoft provides “Outlook” (formerly Hotmail).

According to Mr. Fujita, the effectiveness of spam filtering may vary depending on the service provider operating the servers. Indeed, if you have addresses with more than one service, you might notice differences in the volume of spam depending on the email software you use.

About 40% of junk e-mail. The basis of phishing scam prevention is the elimination of junk e-mail.

According to the “Spam Mail White Paper 2022-2024” by the Anti-Spam Mail Measures Promotion Council, there is no definitive definition of spam mail, but it is generally considered something “annoying” and socially problematic. It is described as being sent against the recipient’s will, continuing even after being rejected, and reaching a frequency that disrupts daily life or work.

Spam mail includes not only advertisements and promotions but also fraudulent and extortion emails, such as fake billing scams. Particularly, emails impersonating well-known companies like financial institutions to steal account numbers, passwords, and credit card information are called “phishing scams” or “phishing emails.”

While users are naturally expected to take precautions to avoid phishing scams and other spam emails, email service providers are also reportedly screening and filtering out such emails.

According to the “Spam Mail White Paper,” spam mail became a social issue around 2001.

As of last September, spam mail accounted for about 37% of domestically received emails. A significant portion of these emails is reportedly dealt with by filters provided by telecommunications operators, meaning the percentage reaching users is considered lower.

The white paper points out that spam mail has become more sophisticated and malicious. It categorizes spam mail into two types: bulk transmission type and standard type.

The bulk transmission type involves indiscriminate sending of emails using address lists purchased from directory vendors, randomly generated email addresses, bait websites to capture email addresses, or by collecting email addresses from blogs and other online platforms. The “standard type” involves exploiting information obtained through some means about specific organizations or individuals, impersonating superiors or business partners, or attaching virus-infected files to steal information.

Spam Countermeasures Dependent on the Processing Capacity of Service Providers

According to Fujita mentioned earlier, both Google and Microsoft in the U.S. offer “workspaces” for business use, facilitating tasks and work online. Workspaces include features such as video calls, chat, and schedule management, with email services being one of these features. The convenience increases with paid services, such as expanded data storage. These two companies are primarily engaged in providing email services and have a large number of users worldwide. Spam countermeasures are an important aspect of their core business.

On the other hand, Japan also has IT (information technology) companies and mobile phone carriers that provide email and SMS services.

“They have other core businesses and are not considered to have reached the level of spam countermeasures seen at companies like Google and Microsoft,” says Fujita.

Noboru Ueno, representative of Tricorder (Chuo Ward, Tokyo), which supports cybersecurity measures, also points out:

“Services like Gmail put significant effort into detecting suspicious emails to prevent damage from spam or malicious emails from attackers.”

However, compared to world-leading providers, Ueno adds:

“It seems that Japanese providers do not have very high capabilities in handling suspicious emails.”

It is unclear what kind of spam countermeasures email service providers are implementing in Japan, as disclosing such details could benefit attackers.

“Besides checking the email addresses to see if the sender is sending a large number of similar emails within a short period, we also examine the content of the email, including the text, links, and attachments,” says Fujita.