Friday, October 18, 2013

Why messages are marked as Spam

Gmail has an automated system that helps detect spam by identifying viruses and suspicious messages, finding patterns across messages, and learning from what Gmail users like you commonly mark as spam.

If you click your Spam label and open one of the messages, you'll see a message at the top with a brief explanation about why that particular message was placed in Spam. Use this information to protect yourself from potentially dangerous or fraudulent messages and to better understand why a message was or wasn't marked as spam.

Here are some of the explanations that you might see:

Phishing scams
Some spammers send fraudulent messages that try to trick you into sharing personal information like passwords or credit card numbers. This practice is called phishing.

What you need to know: 
We strongly recommend that you avoid clicking links in these messages and do not reply to them. Spammers can send messages that appear to be from a person or company that you know, and might even hack into someone's email and send messages from that account. Therefore, please be wary of these messages, even if you know the sender. Please know that Google will never ask for your password or sensitive information over email.

Actions you can take: 
If the message seems like an attempt to get your personal information, help our system learn from such attempts by reporting the message as phishing:
In Gmail, open the message you'd like to report.
Click the down arrow next to “Reply” at the top-right of the message pane. 
Select Report Phishing.

If the message is clearly not malicious, you can click the "Not spam" button to move the message out of Spam and into your Inbox. You can also select "Report not phishing" to let us know that the message is legitimate (click the down arrow next to "Reply" to see this option). By marking the message as not spam or phishing, Gmail's system will learn from that example and be more accurate in marking messages in the future. There are also some things you can do to prevent legitimate email from being marked as spam.

Messages from an unconfirmed sender
Spammers can forge a message to make it look like it's sent by a real website or company that you might trust. To help protect you from such messages, Google tries to verify the real sender using email authentication.

The authentication process tries to verify the real sender by looking at a message's authentication data. This data should be included in a message's "signed-by" or "mailed-by" headers (shown beneath the subject line when you look at a message's details). When the sender doesn't include this data, we can't be sure whether or not the message was forged. For example, a message might claim to be from a Gmail address, but we can't confirm that claim if the message doesn't have authentication data.

Several highly-phished domains have asked Gmail to enforce strict authentication checks on their mail. These domains include eBay, Paypal, and Google. All unauthenticated messages from these domains will be immediately sent to the spam folder. For more information, check out the Gmail blog or the DMARC site.

Missing authentication data can appear on legitimate messages as well as malicious ones. For example, Gmail might not be able to verify a message that was sent through a website (like when a friend shares a news article through an online newspaper), a message that was automatically forwarded (like from your school email address to your personal Gmail address), or a message sent to a mailing list.

What you need to know: 
It's important to be on alert for phishing scams, messages that try to trick you into sharing personal information like your passwords or credit card details, visiting a malicious website, or accepting a computer virus. Spammers can send messages that appear to be from a person or company that you know, and might even hack into someone's email and send messages from that account. Therefore, be wary of these messages, even if you know the sender. Please know that Google will never ask for your password or personal information over email.

For any suspicious messages, we recommend that you avoid clicking links and attachments and do not reply to the message.

Actions you can take: 
If the message seems like an attempt to get your personal information, help our system learn from such attempts by reporting the message as phishing:
In Gmail, open the message you'd like to report.
Click the down arrow next to “Reply” at the top-right of the message pane. 
Select Report Phishing.

If you see unauthenticated messages that you know are legitimate in Spam, there might be an issue on the sender’s side, or with your settings. If you're confident that the message is not malicious, click the Not spam button to move the message out of Spam and into your Inbox.

To prevent these types of messages from being classified as spam in the future, you can do one of the following:
If the address of the sender ends with “@gmail.com,” follow these troubleshooting steps.
If you are forwarding messages from another account into your Gmail and they are being marked as spam, follow these steps:
  • Click the gear in the top right and select Settings.
  • Open the Accounts tab.
  • Find the “Send mail as” section and click Add another email address you own.
  • Add the email address of the account you are forwarding from. Gmail will detect that you forwarded from that account and help prevent those messages from being marked as spam.
  • In all other cases, check these guidelines on how to prevent legitimate messages from being marked as spam.

Learn more


Messages you sent to Spam
You previously marked these messages as spam by clicking the "Report spam" or "Report phishing" button. Both actions will send the message to your Spam folder and remove it from your Inbox.

What you need to know: 
After you report spam for several messages from the same sender, our system will learn from your behavior and might continue placing that sender's messages to Spam even if you don't specifically report them.

Also know that you can create filters to route certain messages from Spam to your Inbox, or route spam messages to your Trash. We'll let you know whenever your filters caused a message that our system identified as spam to be moved to your Inbox; if you want those messages to stay in Spam, consider changing your filters.

Actions you can take: 
If you don't want the message to be in Spam, click the "Not spam" button to move it into your Inbox. If you mistakenly marked it as a phishing scam, please click the down arrow next to "Reply" at the top-right of the message pane, and select "Report not phishing" to let us know that the message is legitimate. By reporting that a message is not spam or phishing, you'll help teach Gmail's system what to do when it sees a similar message in the future.

You can adjust your filters if they're causing spam to be moved back into your Inbox.

Similarity to suspicious messages
Gmail uses automated spam detection systems to analyze patterns and predict what types of messages are fraudulent or potentially harmful. Here are just a few of the things our system considers when marking a message as spam:
Content that's usually associated with spam such as mature content and "get rich quick" schemes
Messages that falsely appear to be a "bounced message" response (a system-generated email that you might automatically get after sending a message that can't be delivered such as a message sent to an invalid email address)
Messages sent from accounts or IP addresses that have sent other spam messages
Behavior of other Gmail users, such as many people reporting spam from a particular sender
Similarity to other spam or phishing messages based on a combination of things like subject matter, elements like spelling and formatting, and suspicious attachments
A difference between your Gmail language preference and the language used in the message

What you need to know: 
  • It's important to be on alert for phishing scams, messages that try to trick you into sharing personal information like your passwords or credit card details. For any suspicious messages, we recommend that you avoid clicking links or attachments in these messages and do not reply to them. Please know that Google will never ask for your password or personal information over email.

Actions you can take: 
If the message seems like an attempt to get your personal information, mark "Report phishing" to help our system learn from such attempts.

If you're confident that the message is not malicious, you can click the "Not spam" button to move the message out of Spam and into your Inbox. There are also some things you can do to prevent legitimate email from being marked as spam.

Administrator-set policies
If your organization uses Gmail, the administrator within your group can decide what messages will not marked as spam.

What you need to know: 
These messages are routed to your Inbox according to your organization's request rather than Gmail's automated spam detection system. Therefore, it's possible that you might see spam messages routed to your Inbox.

Actions you can take: 
If you see messages in your Inbox that don't belong there, you can contact your mail administrator and ask for the domain policy to be changed.

If the message seems like spam but isn't in your Spam folder, click the "Report spam" button (plus mark "Report phishing" for messages trying to get your personal information).

Message content is empty
An email with no content in the subject and body of the message might be classified as spam. Spammers may send blank messages accidently due to an error, or on purpose to collect a list of valid email addresses to spam in the future.

What you need to know:
For any suspicious messages, we recommend that you do not reply to the message.

Actions you can take:
  • If the message is from a person you know or you're confident that the message is not malicious, you can click the Not spam button to move the message out of Spam and into your Inbox. There are also some things you can do toprevent legitimate email from being marked as spam.

No comments:

Post a Comment