What is The CAN-SPAM Act and Why is it Important?

Every day our inboxes are filled with emails, much of it spam. The amount of junk email each person gets every day is astounding. What is even more surprising is that there are laws meant to prevent it, but how well do they work?

What is the CAN-SPAM Act?

Every day, roughly 3.9 billion people send and receive emails. More than 80% of marketing companies believe that email marketing retains customers and increases their revenue exponentially. There is no doubt; that email is here to stay. However, along with the legitimate business and personal emails we all get and send, scammers also use email to trick unsuspecting victims using phishing scams and other types of attacks.

In 2003, Congress passed a law called the CAN-SPAM Act, which was designed to control spam emails. The law dictates users’ rights and spells out how to stop unwanted spam emails. Even though the law stipulates steep fines for a violation, we still get a lot of unwanted spam.

The law does not make spam illegal, but it does provide consumers with options to “opt-out” or “unsubscribe,” and the companies have a specific amount of time where they have to remove that person from the email list. However, we have all attempted to unsubscribe from email lists and then continue to receive them anyway. The FTC is responsible for enforcing these laws. Therefore, when this happens, you have to file a complaint with them to have the company notified, fined and to change their unsubscribe process.

The law was enacted in response to the realization that roughly 50% of all email was unsolicited commercial spam. Congress also discovered that most were using “deceptive” or “fraudulent” tactics to engage with customers and get them to purchase or click links within the email. 

How Does the CAN-SPAM Act Work?

The CAN-SPAM Act has very specific criteria in its framework to protect consumers from fraudulent email practices. They include:

1. The email must provide a clear way for recipients to “opt-out” or unsubscribe.
2. The sender of the email must be clearly defined. You cannot send emails pretending to be someone else. Of course, spammers do it all the time anyway.
3. The subject line must be accurate and not misleading.
4. If the email contains an advertisement, it must be clear and use that wording.
5. The company sending the email must include their physical location with a valid U.S. address or post office box. 

Additionally, the law requires that companies make it easy for the consumer to opt-out immediately, and they must remove them from the list within ten days. If they outsource their email, they must monitor the third-party company to ensure they comply with the CAN-SPAM Act on their behalf.

How to Protect Yourself From Spam

The CAN-SPAM Act was a good start, but unfortunately, it does little to help stop the constant flow of unwanted scammer emails that flood our inboxes every day. Therefore, you need to know how to protect yourself against this potentially dangerous threat. 

• Configure your email client to filter out junk and spam. You can set up mailboxes to collect the messages, and then you can go through them later to make sure no legitimate mail ends up there.
• Many email addresses end up on the dark web through data breaches; however, try to keep your email address private and share it only when necessary. 
• Do not click any links in an email. Do not download any attachments either.
• If an email has legitimate-looking logos, colors, and fonts but urges you to log onto your account to fix a problem, be wary. Instead of clicking inside the email, verify with the actual company that there is a problem. Use extra caution with your bank account and credit card logins.
• Always verify the sender of the email. What may look like a legitimate email address can be spoofed and really belong to a spammer. 
• Never reply to spam emails. It only confirms to the scammer that you check this email address, and it will promote more, not less spam. 
• Keep all your devices updated with the latest security patches.
• Never use the same username/password on multiple websites. 
• Install and run deep scans through good, strong antivirus/anti-malware software.

Always use common sense, and if you receive something that panics you or makes you feel like you have to do something quickly (even if it evokes excitement), slow down and investigate first. Scammers play on your emotions, hoping you will click a link, infect your computer, or hand over confidential information so they can perpetrate fraud on you or steal your identity. 

Remember, if something sounds too good to be true, it usually is.