Learn to protect
your privacy.
Free guides on email filtering, DNS privacy, ISP tracking, and phishing. No purchase required — just useful information to help you take back control of your digital life.
How to Filter Junk Email in Gmail, Yahoo & Xfinity
Your inbox is a battlefield. Every day, marketers, spammers, and scammers compete for your attention — and your data. Learning to filter, block, and unsubscribe safely is one of the most practical privacy skills you can develop.
Gmail — Setting Up Filters
Gmail's filter system is powerful but buried. Here's how to use it to automatically delete, archive, or label junk before it hits your inbox.
- 01 Open Gmail on desktop → click the search bar → click the filter icon (three sliders) on the right side of the search bar.
- 02 Enter the sender's email address or a keyword that appears in junk mail — like "unsubscribe" or "offer expires".
- 03 Click Create filter → choose what to do: Delete it, Skip Inbox, Mark as read, or Apply a label.
- 04 Check Also apply filter to matching conversations to clean up existing emails too.
- 05 Click Create filter to save. Gmail will now automatically handle matching emails.
Filter by domain instead of individual senders. If you get junk from multiple @marketing.example.com addresses, filter the entire domain by entering @example.com in the From field.
Yahoo Mail — Spam Filters & Blocked Senders
- 01 Open Yahoo Mail → Settings (gear icon) → More Settings → Filters.
- 02 Click Add new filters → give it a name → set your conditions (From, Subject, Body).
- 03 Choose the folder — select Trash to auto-delete matching emails.
- 04 To block a sender directly: right-click any email → Block Sender. Yahoo will move future emails from that address to spam.
Xfinity / Comcast Email
- 01 Log into your Xfinity email at connect.xfinity.com.
- 02 Go to Settings → Email Settings → Spam Filter.
- 03 Enable spam filtering and set the sensitivity level. Medium is a good starting point.
- 04 Add specific senders to your blocked list under Blocked Senders.
Unsubscribe vs. Delete — Which Is Safer?
Legitimate marketing emails: Use the unsubscribe link. Reputable companies are required by law (CAN-SPAM Act) to honor unsubscribe requests within 10 business days.
Suspicious or unknown senders: Never click unsubscribe. Clicking confirms your email address is active, which can result in more spam. Just delete or block.
If an email looks off — unusual sender address, poor grammar, urgent language — do not click any links including unsubscribe. Mark it as spam instead. Clicking any link in a phishing email can compromise your device.
Hidden Tracking Pixels
Many marketing emails contain invisible 1x1 pixel images. When you open the email, your email client loads the image, silently notifying the sender that you opened it, along with your approximate location and device type.
How to block tracking pixels in Gmail: Settings → See all settings → General → Images → select "Ask before displaying external images". This prevents automatic image loading and stops tracking pixels from firing.
In Apple Mail (iPhone/Mac): Settings → Mail → Privacy Protection → enable Protect Mail Activity. Apple routes images through their proxy servers, masking your IP and blocking pixel tracking.
DNS-level blocking can also block tracking pixel domains at the network level — before they ever reach your email client. This protects every email app on every device in your home automatically.
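To see which images in a message could act as tracking pixels, you can scan the HTML body for remote images that are sized or styled to be invisible. This is an added example, not code from Harbor Privacy; the sample body and every domain in it are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class PixelFinder(HTMLParser):
    """Collect remote <img> tags that are sized or styled to be invisible."""

    def __init__(self):
        super().__init__()
        self.suspects = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        # Only remote images can report an open; cid: and data: images are local.
        if urlsplit(src).scheme not in ("http", "https"):
            return
        tiny = (a.get("width", "").strip() in ("0", "1")
                and a.get("height", "").strip() in ("0", "1"))
        style = a.get("style", "").replace(" ", "").lower()
        hidden = "display:none" in style or "visibility:hidden" in style
        if tiny or hidden:
            self.suspects.append(src)

def find_tracking_pixels(html_body):
    """Return the URLs of images that look like tracking pixels."""
    finder = PixelFinder()
    finder.feed(html_body)
    return finder.suspects

# Constructed sample message body (not from a real email).
SAMPLE = """
<html><body>
<img src="cid:logo123" width="200" height="60">
<img src="https://img.shop.example/banner.png" width="600" height="200">
<img src="https://track.mailer.example/o/abc123.gif" width="1" height="1">
<img src="https://stats.mailer.example/open?id=42" style="display: none">
</body></html>
"""

if __name__ == "__main__":
    for url in find_tracking_pixels(SAMPLE):
        print("possible tracking pixel:", urlsplit(url).hostname, url)
```

The hostnames it reports are the ones to consider for a DNS-level blocklist.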
What Is DNS & Why Does It Matter for Your Privacy?
Every time you visit a website, your device performs a DNS lookup — a query that translates a domain name like google.com into an IP address your device can connect to. This happens thousands of times per day, for every device on your network.
The problem: by default, these queries are sent in plain text to your ISP's DNS servers. Your ISP can see every domain you look up — every website, app, and service your household uses.
What Is DNS Over HTTPS (DoH)?
DNS over HTTPS (DoH) encrypts your DNS queries so they can't be intercepted or logged by your ISP. Instead of plain text queries going to Comcast, your queries travel encrypted to a private DNS resolver.
# Without DoH:
your-device → Comcast DNS → Comcast can log it
# With DoH:
your-device → Encrypted tunnel → Private DNS resolver → Comcast sees nothing
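The difference is easier to see at the byte level. The added example below (not Harbor Privacy's code) builds the plain DNS query for a name, shows that the name can be read straight back out of those bytes, and then wraps the same bytes in the DoH request form defined by RFC 8484. The Cloudflare endpoint URL is an assumption used for illustration; any DoH resolver takes the same format.

```python
import base64
import struct

def build_dns_query(name, qtype=1):
    """Encode a one-question DNS query in wire format (RFC 1035); qtype 1 = A."""
    # ID 0 (as RFC 8484 recommends for DoH), RD flag set, one question.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("each label must be 1 to 63 bytes")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def qname_from_wire(msg):
    """Read the queried name back out, as any on-path logger of port 53 can."""
    labels, pos = [], 12  # the question starts after the 12-byte header
    while msg[pos] != 0:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)

def doh_get_url(name, endpoint="https://cloudflare-dns.com/dns-query"):
    """Build the RFC 8484 GET form: the same bytes, base64url without padding."""
    encoded = base64.urlsafe_b64encode(build_dns_query(name)).rstrip(b"=")
    return endpoint + "?dns=" + encoded.decode("ascii")

if __name__ == "__main__":
    query = build_dns_query("google.com")
    print("plain DNS payload on the wire:", query.hex())
    print("name an observer recovers:   ", qname_from_wire(query))
    # Over DoH this URL travels inside TLS, so the query is not readable in transit.
    print("DoH request:", doh_get_url("google.com"))
```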
How to Enable DoH on Your Devices
iPhone/iPad: The easiest way is to install a DNS profile. Harbor Privacy customers receive a personal profile — but you can also use Cloudflare's free profile at 1.1.1.1/dns/.
Android/Pixel: Settings → Network & Internet → Private DNS → enter a DoH hostname. Cloudflare's free option is one.one.one.one.
Windows 11: Settings → Network & Internet → your connection → DNS server assignment → Edit → set to Manual → enable DNS over HTTPS.
Mac: System Preferences → Network → Advanced → DNS — add a DoH server. Requires a configuration profile for full DoH support.
Harbor Privacy configures encrypted DNS for your entire home network — every device, automatically. Get started here.
How Your ISP Tracks You — And What You Can Do About It
In 2017, Congress voted to allow ISPs to collect and sell your browsing data to advertisers without your consent. Comcast, Verizon, AT&T, and others can legally monitor your internet activity and monetize it.
What ISPs Can Collect
- Every website you visit via DNS queries — even in incognito mode
- How long you spend on each site
- What devices are on your network
- Your general location based on IP address
- Unencrypted browsing traffic (HTTP sites)
Incognito mode does NOT hide your activity from your ISP. It only prevents your browser from saving your local history. Your ISP can still see every site you visit.
How to Limit ISP Tracking
- 01 Use DNS over HTTPS — encrypts your DNS queries so your ISP can't log which domains you visit. This is the single most effective step for most households.
- 02 Use HTTPS websites — look for the padlock in your browser. HTTPS encrypts the content of your browsing so your ISP can only see the domain, not the specific pages.
- 03 Use a VPN — routes all traffic through an encrypted tunnel. Effective but requires trust in the VPN provider. Free VPNs often sell your data themselves.
- 04 DNS-level ad blocking — blocks tracker domains before they load, reducing the data footprint your devices create.
How to Spot Phishing Emails & Malicious Links
Phishing attacks are responsible for the majority of data breaches and identity theft cases. They work by tricking you into clicking a link or entering credentials on a fake website. Learning to spot them takes minutes — and can save you from major consequences.
Red Flags in Emails
- Urgency and fear — "Your account will be suspended in 24 hours." Legitimate companies don't rush you into clicking links.
- Mismatched sender address — the display name says "PayPal" but the actual email is from [email protected]. Always check the full email address.
- Suspicious links — hover over any link before clicking (on desktop). The URL that appears should match the company. paypa1.com is not PayPal.
- Generic greetings — "Dear Customer" instead of your name. Legitimate companies know your name.
- Unexpected attachments — never open attachments you weren't expecting, even from people you know. Their account may be compromised.
How to Check a Suspicious Link
Before clicking any link in an email, text, or social media post:
- 01 On desktop — hover over the link. The actual URL appears in the bottom of your browser. Read it carefully.
- 02 On mobile — press and hold the link. A preview of the URL appears. Don't tap if it looks wrong.
- 03 Use virustotal.com — paste any suspicious URL and it will scan it against dozens of security databases.
- 04 When in doubt — go directly to the website by typing it in your browser instead of clicking the link.
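Two of the red flags above, the mismatched sender address and the lookalike link, can be checked mechanically. The sketch below is an added example, not Harbor Privacy's code: the brand allow-list, the digit-swap table, and the sample sender and links are constructed, and the last-two-labels domain rule is a simplification.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Brand name -> domains it really uses (constructed allow-list for this demo).
BRANDS = {"paypal": {"paypal.com"}}
# Digits commonly swapped in for letters in lookalike domains.
CONFUSABLE = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s"})

def registrable(host):
    """Naive last-two-labels domain; production code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_sender(from_header):
    """Flag a display name that claims a brand the address does not belong to."""
    display, addr = parseaddr(from_header)
    domain = registrable(addr.rpartition("@")[2])
    for brand, domains in BRANDS.items():
        if brand in display.lower() and domain not in domains:
            return f"display name says {brand}, address is at {domain}"
    return None

def check_link(url):
    """Flag a host that spells a brand (after un-swapping digits) on another domain."""
    host = (urlsplit(url).hostname or "").lower()
    domain = registrable(host)
    for brand, domains in BRANDS.items():
        if brand in host.translate(CONFUSABLE) and domain not in domains:
            return f"{host} uses the {brand} name, real domain is {domain}"
    return None

def triage(from_header, urls):
    """Return every red flag found in the sender header and the listed links."""
    findings = [check_sender(from_header)] + [check_link(u) for u in urls]
    return [f for f in findings if f]

if __name__ == "__main__":
    # Constructed message fields, not taken from a real email.
    sender = '"PayPal Support" <service@billing-notice.example>'
    links = ["https://paypa1.com/signin",
             "https://paypal.com.account-check.example/login",
             "https://www.paypal.com/myaccount"]
    for finding in triage(sender, links):
        print("red flag:", finding)
```

The second sample link shows why reading a URL carefully matters: the brand name appears at the start of the host, but the domain that actually receives the request is the part at the end.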
Harbor Privacy uses Hagezi threat intelligence blocklists that are updated daily with known phishing and malware domains. Even if you accidentally click a malicious link, your DNS resolver will block the connection before it loads.
If You Think You've Been Phished
- 01 Change your password immediately on the affected account — from a different device if possible.
- 02 Enable two-factor authentication (2FA) on the account.
- 03 Check for unauthorized activity — logins, purchases, sent emails.
- 04 If financial information was entered, contact your bank or card issuer immediately.
- 05 Run a malware scan on the device you used.
Unbound & Recursive DNS — What It Actually Means
Most DNS resolvers — even privacy-focused ones like 1.1.1.1 — still see every query you make. You're trusting a third party not to log or sell that data. Unbound cuts that out entirely.
Harbor Privacy runs Unbound, which means your DNS queries go directly to the authoritative servers for each domain — no middleman, no upstream resolver logging your activity. When you look up google.com, the query goes to Google's own nameservers directly, not through Cloudflare or your ISP first.
How Normal DNS Works
Your device asks your ISP's resolver → ISP asks a root server → root server points to the TLD → TLD points to the authoritative server. Your ISP sees every single step.
How Unbound Works
Your device asks Harbor Privacy → Harbor Privacy asks the root server directly → gets the answer → done. No ISP in the loop. No third-party resolver logging your queries.
Why This Matters
DNS-over-HTTPS encrypts the query so your ISP can't read it. Unbound goes a step further — it eliminates the upstream resolver entirely. Combined, nobody in the middle can see what you're looking up.
Want recursive DNS on your network? Get Harbor Privacy →
Smart Home Devices Are Watching More Than You Think
That smart TV, the Alexa in the kitchen, the Roomba — they're all constantly phoning home. Not just for updates. For behavioral data, usage patterns, voice snippets, and in some cases video metadata.
What Gets Sent
Smart TVs are among the worst offenders. Vizio was fined $2.2 million by the FTC for collecting viewing data without consent. Most smart TVs use Automatic Content Recognition (ACR) — software that screenshots whatever is on screen every few seconds and sends it back to the manufacturer.
Smart speakers send audio clips back to Amazon and Google for "quality review." Even your robot vacuum maps your home — iRobot explored selling floor plan data to smart home companies before public backlash killed the plan.
What Harbor Privacy Blocks
At the DNS level, Harbor Privacy blocks the tracking endpoints these devices use — ACR servers, telemetry endpoints, ad targeting domains. Your Alexa still works. Your TV still streams. The data collection side just gets cut off before it leaves your network.
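The reason the TV keeps streaming while its tracking is cut off is that a DNS filter decides per hostname. The added example below (not Harbor Privacy's code) shows that decision: a name is blocked only if it, or a parent domain, is on the list, matched on whole labels. The blocklist, device names and domains are constructed placeholders.

```python
from collections import Counter

def load_blocklist(text):
    """Parse one-domain-per-line or hosts-style ("0.0.0.0 domain") entries."""
    blocked = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower()
        if line:
            blocked.add(line.split()[-1].rstrip("."))
    return blocked

def is_blocked(qname, blocked):
    """True if the name or any parent domain is listed, matched on whole labels."""
    labels = qname.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def summarize(query_log, blocked):
    """Count allowed and blocked lookups per client from "client qname" lines."""
    counts = Counter()
    for line in query_log.strip().splitlines():
        client, qname = line.split()
        counts[(client, "blocked" if is_blocked(qname, blocked) else "allowed")] += 1
    return dict(counts)

# Constructed blocklist and query log; the domains are placeholders.
BLOCKLIST = """
# ACR and telemetry endpoints
0.0.0.0 acr.tv-vendor.example
telemetry.speaker-vendor.example
"""
QUERY_LOG = """
living-room-tv stream.tv-vendor.example
living-room-tv eu.acr.tv-vendor.example
living-room-tv notacr.tv-vendor.example
kitchen-speaker voice.speaker-vendor.example
kitchen-speaker telemetry.speaker-vendor.example
"""

if __name__ == "__main__":
    result = summarize(QUERY_LOG, load_blocklist(BLOCKLIST))
    for (client, verdict), n in sorted(result.items()):
        print(f"{client:16} {verdict:8} {n}")
```

Matching on whole labels is what keeps notacr.tv-vendor.example from being blocked just because its text ends with a listed name.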
Want to stop your smart home from spying? Get Harbor Privacy →