At some point every user of Internet email has to deal with spam. Unwanted, unsolicited emails about seemingly anything, from advertisements for questionable products, pornography, get rich quick schemes--you name it. Some spam appears very legitimate, but can disguise an attempt at identity theft.
How The Spammers Find You
Spammers have several means of finding and collecting email addresses. Usually spam is unsolicited commercial email (UCE), but it can also be any sort of unsolicited electronic message; not just email. Some instant messaging profiles, online forums and message boards, or profiles on other membership Web sites may display your e-mail address. Social networking sites, including Facebook, also can display your email address publicly. It is important to set options in your profile so that your email address is not displayed, if that is possible (it usually is).
Web Harvesting
Spammers will use Web crawling bots which are programs designed to scan web page content to find email addresses on web pages. They find addresses that are listed as contact information on web pages. Also, they will search for and find email addresses you have posted on online forums or community web sites. Usually now web sites that ask you to register using your email address will not sell or distribute it to spammers for their use--if they are legitimate sites. The site you have registered with will most often provide a means when you register to "opt out" of messages from "partners" that they may share your email address with. Always be sure to read the fine print and be sure to choose to opt out! The site usually also has an option to opt out of their own promotional messages, either when registering, as a link at the bottom of one of their emails, or in your profile settings on that site.
Spammer Databases
Suppose one spammer has your email address--that doesn't seem so bad. Well, it can be. For one thing, if you try to "unsubscribe" to a spammer's bogus messages, they know from your reply that there is a real user at that email address that uses that account and actually responds to some messages. At that point, you have been verified, and the spammer may send many more messages to you, ones that appear totally unrelated to the original spam that was sent as a test. Even worse, spammers often trade or even sell databases of "verified" email accounts to other spammers. Your address can be spread around and the number of spam emails you get will increase exponentially.