July 25, 2022

17 tips to protect your website from spam

We will show you 17 effective tips to protect your site from spam
17 tips to protect your website from spam

10 tips to protect your website from spam

Almost everyone who uses email, messenger or social media has encountered spam messages. Usually, offers are sent that sound too good to be true: a free trip, winning a large amount of money, or something similar. The scammers urge you to make a decision right away, fill out a form and provide personal contact and payment details. Especially as a website or landing page owner, you will surely know this annoying problem. To avoid falling for these tricks, you should always check your messages carefully and pay attention to the details. Our 17 tips will help you recognize spam and avoid it for your site.

1. Pay attention to the design of the email

In emails, scammers often use another brand's logo to make the scam look more credible. Therefore, you should pay close attention to the design of the email. If it is from scammers, it will have inconsistencies and will not look as professional as the original. Scammers waste no time on the small, yet important details. Therefore, pay attention to whether high-quality images, the right layout, corporate colors or other visual must-haves were used.

2. Email content

Spam mail online
Spam mails usually contain malware. Therefore, you should never open the attachment of suspicious mails or click on the attached link. Spam messages that are in HTML format may also contain potentially dangerous scripts that will "infect" your PC or cell phone with the malicious software.
Therefore, pay attention to the following criteria:
● Unknown sender
● Unusual (cryptic) name of the sender
● Anonymous or unusual address
● No imprint
● No possibility to unsubscribe from the newsletter
● Noticeable grammatical and spelling errors
● Files or external link in the attachment
● Unusual or poorly prepared layout

3. Check the email sender

Email sender of a spam mail
Check email senders. Fraudsters often use sender addresses similar to the company's, e.g. "mail@onepage-app.io" (this email address does not exist).
If you are unsure whether it is a real email address, type the address into a search engine. Most of the time, the first search results will tell you that it is spam. Otherwise, you can ask the official support of the company.
Email clients only show the name of the person who sent the email. If you want to see the exact email address, you have to click on it explicitly. If you want to avoid spam messages, we strongly recommend you to do so - as you can set the name of the sender as you wish.

4. Payment details

Credit cards online
Use a separate credit card for your online purchases to protect yourself from scams. Get a card that you use only for online purchases. This will help prevent misuse of your sensitive payment information. If you order online for your business, make sure that the site is trustworthy. Often a look at the imprint is enough. If you don't find one or if there is suspicious information there, it's better not to enter your payment information there.
Hint: Also read our blog article "Legally compliant website: Watch out for these 5 risks". There we will show you important tips you should pay attention to in order to run a legally secure website.

5. Do not share your email address

Do not share the email address you used to sign in to your Onepage account (or other software). Share the email address only with selected contacts. This way, scammers won't be able to retrieve your information and use it to send spam.

6. Use a separate mail

Separate your personal and business email addresses from your online activities to protect yourself from spam. You can create a new email address with just a few clicks and use it for registrations and similar purposes. For example, use this email when you post something in groups or forums, as many spammers actively monitor and harvest newcomers to attack them with spam messages.

7. Never reply to spam emails

Any interaction with a SPAM message tells the scammer that the email is in active use. Therefore, you should never reply to spam messages or forward the email. Also, you should not give out any personal information, as this can make you a long-term target. Mark the spam messages as spam and delete the mail afterwards. You can also report suspicious emails to the Internet Complaint Center, for example, to protect yourself and others from fraud.

8. Protection for contact forms on your website

Online captcha for a website
Some spammers try to send their spam message through contact forms on your website. Most of the time, these are bots that automatically search the web for such forms and send spam messages. The found forms are filled in and sent using automated scripts. Of course, false contact information is provided. But you can also protect yourself against this.
How do you protect yourself?
So-called captchas are very effective here. Captcha is the abbreviation for "Completely Automated Public Turing test to tell Computers and Humans Apart". It is a string or code of images/letters that must be entered correctly by the user before the form can be submitted.
Another variant is to split the content of a form over several pages. This makes it harder for automated scripts to send spam messages.

9. Never post your email address on the public web

Make sure that you never put your email address on the public web. Because spammers are just waiting and constantly looking for email addresses which they can contact in order to offer their scams.

10.  "Think before you click”

"Think before you click” - A single click can put your data security at great risk. So be careful and check several times if the received email and its content are legitimate. Be especially careful if you receive an email asking you to submit your data by clicking on a link. You can check the destination of a link by hovering over it and seeing if the link actually leads to a real website. However, be careful here as well, because URLs can also be used to disguise links so that it actually seems that they come from a real company.  So watch out for anything suspicious in your daily routine and email traffic.

11. Use appropriate software tools

Another way to protect yourself from spam emails is to use the spam protection provided by your email software. Check what conditions your email provider is offering for spam protection. Anti-spam filters in antivirus programs can help to scan received emails for malicious content. In case of an email with malware, the automatic intervention of the program will forward it directly to the spam folder. Thus, spam protection reduces the chance of being tricked by scams and spam emails.

12. Do not use your email address as a username

When using an online service, your username should not be the same as the name preceding the “@” sign in your email address. For example, if your email address is "identity@gmx.com", your username should not be "identity". This is a very effective way to protect yourself from scams and spam messages of any kind.

13. Separate email addresses from the website

Another problem that is often associated with spam is what is known as “harvesting". This is a method where published mail addresses are collected from websites and then misused for spam.
How do you protect yourself?
To protect yourself from this spam method, you should separate your email address from your landing page or website. To do this, you can activate that users are only forwarded directly to your mail after an extra click. The link click opens the user's email program. For spam programs, such a link looks like a file - this way, your mail address will not be read automatically.

14. Email spam: Replace @ sign with "at" or "(at)"

To effectively protect your email address from spam, you can also replace the @ sign with "at" or "(at)". Real people will still be able to tell that it's your mail address by this change - but automatic crawlers won't.
Hint: Also read our blog article "Create a successful newsletter in 3 steps".

15. Check reviews and posts on your website

If users are allowed to post comments or reviews on your website, you should check them for spam before publishing. For this purpose, you can usually activate a moderation function in your site settings. To effectively prevent spam, reviews should not be able to be posted anonymously - especially if they contain links. Check each comment/review carefully for spam.

16. Remove spam accounts

It is best to regularly check your new registrations and incoming leads for suspected spam. The following criteria can give you information about possible spam suspicion:
● Names that do not sound like "real" people. For example: "User 87439" or "Free Download". If necessary, you can google names that you are unsure about.
● (Conspicuously) large number of completed forms
● users who provide little personal information

17. Train the spam filter of your email provider

Your email service provider works with automatic filters that recognize typical characteristics of spam messages when detecting spam emails. The filters analyze and scan the emails for suspicious content, such as spelling errors, foreign languages, or hyperlinks. However, this automated process is not perfect and does not detect all spam emails. But you can train your email provider's spam detection by deliberately marking fraudulent emails as "spam" so that in the future they will be forwarded directly to the appropriate spam folder. Trustworthy emails that end up in the spam folder, on the other hand, must be marked as "no-spam". The more often you filter the emails accordingly, the better the recognition of your email service will be!


We hope that our 17 tips will help you protect yourself and your site from spam more effectively. It is best to implement our tips today and protect yourself from possible spam. Especially in the future, watch carefully for possible spam messages in your email inbox.
On Onepage you can implement many of our tips directly! With Onepage we also offer you the possibility to create your own page for free and bring your business online: >> Click here and register your FREE Onepage account!
Start with Onepage for free. It’s fast and enjoyable
Create your free account
Onepage is free to use. It’s not a trial version. No credit card is required