You open your email and see a flood of messages touting free consultations, sales, "breaking" news, and other unwanted information. You didn't ask for any of it, so why is your inbox filled with spam email? Here's a look at five ways spammers get your email address and how to protect your email address from spammers in the future.
Many spam emails are caught in a spam folder in your email program. However, just because an email isn't in that folder doesn't mean it's safe; spam can definitely land in your inbox folder, too.
How Spammers Get Your Email Address
There are several ways spammers get your email address. Here's a look at each method and what you can do to defend your inbox against these unwanted intrusions.
Data Breaches
Cybercriminals can break into websites and leak giant lists of user account information. This can include sensitive details like social security numbers but, at the very least, it's almost always a name and email address. This is so common that there are whole services built around alerting you when your data has been found in a breach.
Email Address Lists
Spammers purchase email addresses both legally and illegally. When you create an account on a website or service or make an online purchase, read the privacy policy carefully. Your email address could be sold to a marketing list, creating unwanted junk mail. Additionally, dishonest employees of ISPs sometimes sell email lists via eBay or on the black market. These lists are also often available after a data breach.
Harvesting Programs
Any web page text that contains the @ character is fair game for email harvesting programs. Spammers and hackers use complex automated tools to scan the web and gather email addresses. Spammers harvest email addresses from mailing lists, websites, chat rooms, domain contact points, and much more. Understand that if you list your email address online, a spammer will find it.
Dictionary Programs
Also commonly known as "brute-force attacks," dictionary programs generate alphanumeric combinations of email addresses in sequence. While many of the results are incorrect, these dictionary programs can create hundreds of thousands of addresses per hour, guaranteeing that at least some will work as targets for spam.
Dishonest Newsletter Services
Dishonest newsletter services will sell your email address for a commission. A very common tactic is to blast millions of people with a false "you have joined a newsletter" email. When users click on the Unsubscribe link, they actually confirm that a real person exists at their email address.
After a spammer gets your email address, they feed it to their spamming software (ratware) and then will often use botnets and falsified email addresses to spam you.
Protect Your Email Address From Spammers
While there's no foolproof way to steer clear of spammers, there are a few manual techniques that can help hide your email address.
Disguise Your Email Address
One tactic is to hide your email address using obfuscation techniques. For example, insert strings, characters, or spaces into your email address when you post it online.Posting your email address as an image is another way to disguise it.
Use a Disposable Email Address
Another method is to use a disposable email address when you need an email address to sign up for something online, or if you need to post an email address online. Some disposable email addresses are aliases of your real email address, meaning they forward messages to your actual address; others are incredibly temporary, expiring after a set time, and are not associated with your real address. Move on to a new disposable address if one starts getting spam.
Use an Encoding Tool
To take the obfuscation a step further, use an email address encoding tool when you publish your address on your website or blog. This will convert your email address into characters that most email scrapers can't read, eliminating its ability to harvest your address.
Delete Without Unsubscribing
If you receive an unsubscribe request from a newsletter you never actually subscribed to in the first place, simply delete the email. Don't follow the unsubscribe link, as that may just validate your email address for spammers.
Never Use the Same Password for Your Accounts
If a spammer finds your email address, they could potentially use it to break into other accounts by resetting your passwords. Using the same password for your email and other accounts makes it even easier for them to take control. Once in, they can access everything you can access when you log in to your email like make unauthorized purchases or even lock you out of your accounts entirely.
If your email address has been found in a breach or you suspect it's been picked up by someone who could use it for shady purposes, turn on two-factor authentication (2FA) for your email account immediately. If your email password is the same password used by any of your other online accounts, change it as quickly as possible because your password might have been stolen, too.
Always use unique passwords for each account and never reuse your main email account password for anything else.
Was this page helpful?
Thanks for letting us know!
Get the Latest Tech News Delivered Every Day
Subscribe
Tell us why!