Pin Me

How Spammers Get Your Email Address

written by: Lee Clemmer•edited by: Bill Bunter•updated: 5/17/2010

At some point every user of Internet email has to deal with spam. Unwanted, unsolicited emails about seemingly anything, from advertisements for questionable products, pornography, get rich quick schemes--you name it. Some spam appears very legitimate, but can disguise an attempt at identity theft.

  • slide 1 of 5

    How The Spammers Find You

    Spammers have several means of finding and collecting email addresses. Usually spam is unsolicited commercial email (UCE), but it can also be any sort of unsolicited electronic message; not just email. Some instant messaging profiles, online forums and message boards, or profiles on other membership Web sites may display your e-mail address. Social networking sites, including Facebook, also can display your email address publicly. It is important to set options in your profile so that your email address is not displayed, if that is possible (it usually is).

  • slide 2 of 5

    Web Harvesting

    Spammers will use Web crawling bots which are programs designed to scan web page content to find email addresses on web pages. They find addresses that are listed as contact information on web pages. Also, they will search for and find email addresses you have posted on online forums or community web sites. Usually now web sites that ask you to register using your email address will not sell or distribute it to spammers for their use--if they are legitimate sites. The site you have registered with will most often provide a means when you register to "opt out" of messages from "partners" that they may share your email address with. Always be sure to read the fine print and be sure to choose to opt out! The site usually also has an option to opt out of their own promotional messages, either when registering, as a link at the bottom of one of their emails, or in your profile settings on that site.

  • slide 3 of 5

    Spammer Databases

    Suppose one spammer has your email address--that doesn't seem so bad. Well, it can be. For one thing, if you try to "unsubscribe" to a spammer's bogus messages, they know from your reply that there is a real user at that email address that uses that account and actually responds to some messages. At that point, you have been verified, and the spammer may send many more messages to you, ones that appear totally unrelated to the original spam that was sent as a test. Even worse, spammers often trade or even sell databases of "verified" email accounts to other spammers. Your address can be spread around and the number of spam emails you get will increase exponentially.

  • slide 4 of 5
    Preventing Spammers From Getting Your Email AddressFortunately there are some very effective means to combat spam. Spammers had such an easy time finding and sharing email addresses from new, unsuspecting Internet users that for years it seemed like a losing battle for some. There has been so much expert effort in combating spam that now it can be possible to minimize it. Many email server and gateway techniques are used to prevent spam. If spammers don't yet have your address, there are actions you can take to keep them from getting it. As an active user of Internet services and companies, you are often asked to provide your email address, at the very least to verify your identity when registering on a site or for a service. Be careful when doing this that you are not allowing use of your email address for other means, and set options so that you are not allowing use of your email address and not displaying it publicly.
  • slide 5 of 5

    Spam Prevention

    Fortunately there are some very effective means to combat spam. Spammers had such an easy time finding and sharing email addresses from new, unsuspecting Internet users that for years it seemed like a losing battle for some. There has been so much expert effort in combating spam that now it can be possible to minimize it. Many email server and gateway techniques are used to prevent spam. If spammers don't yet have your address, there are actions you can take to keep them from getting it. As an active user of Internet services and companies, you are often asked to provide your email address, at the very least to verify your identity when registering on a site or for a service. Be careful when doing this that you are not allowing use of your email address for other means, and set options so that you are not allowing use of your email address and not displaying it publicly.

    When asked to provide your email address to another user on a forum that you know and trust, sometimes the address can be displayed without the "@" symbol, which reduces the effectiveness of the spam bot crawlers. You can also spell out your address other ways, such as "lee dot clemmer at brighthub dot com". Some Internet users enjoy using the less reputable services, and as a stopgap measure they set up a secondary email account with one of the free email services that is a "spam catching" account. They know that the spammers will get that address, so they always use it to register, use certain services, and to post in public Internet forums. Whether you take such a measure is up to you. The reality is that we're all going to use email on the Internet, so there's going to be a chance that spammers can obtain our email addresses. Using these techniques and a bit of common sense will go a long way toward preventing your inbox from filling with spam.

    Check out my articles detailing the Top Five Sources of Spam and spam prevention, and the Top Ten Facts About Spam. I've got an upcoming article on the top anti-spam techniques for businesses as well.