How They Got Your E-mail Address
The Center for Democracy & Technology conducted a study recently, trying to determine the ways in which spammers collect e-mail addresses. They also looked at ways that people attempt to mask or hide their e-mail address when posting to the "public Web." Though a little on the technical side, the relatively short study may prove an interesting read to many of our customers, especially those inundated by spam.
Of particular note, the study found that 97% of the spam they received came from posting e-mail addresses on Web pages, USENET news groups, Web site discussion forums, etc. Just like search engines, spammers have utilities that read Web pages. Instead of creating a searchable index, however, the spammers scan those pages for e-mail addresses.
The study also showed that removing your address from the public Web resulted in less spam. I found this news shocking as I'd always assumed that spammers kept collecting and collecting addresses and that, once in their database, there was little recourse. However, it appears that, for whatever reason, spammers tend to cycle addresses through their database.
This is good news as it means that with a little effort, you may be able to substantially reduce the amount of spam you receive. To do so, search Google for your e-mail address. You should see most of the pages that contain your e-mail address, whether it's your own Web site or a forum you once posted to. You can go to each of those sites and remove it or politely request that the Web master remove the address.
Alternatively, you could change your address to its encoded form. As the study found, it appears that most of the e-mail address harvesting utilities do not understand encoded addresses. However, Web browsers do. This means that when viewing your e-mail address in a browser, the e-mail address will be readable.
There are quite a few sites out there which will encode your e-mail address for you. For example, they will turn the e-mail address firstname.lastname@example.org into:
So, you don't have to know how or even why this works. All you have to know is that, when you would usually type your e-mail address (e.g. when posting to an online forum), you would use this string instead. Of course, no one can remember a string that looks like that, so you'll have to keep it handy, maybe in Word document or text file on your desktop.
The study also looked at the some major Web sites and how they treat customer e-mail addresses and privacy. They signed up with sites like Travelocity.com, Macys.com, and WebMD.com. For the most part, they found that the major Web sites honored their customer's request not to receive further bulk mailings.
However, there were several offenders. Most notably, Walmart.com, Priceline.com, and Casino.com continued to barrage their customers with e-mail against their wishes. Is it any wonder that the sites which position themselves as the way to get great deals or sponsor online gambling are also the biggest sources of spam.
This leads me to my number one rule for Internet survival: Nothing is free. Good deals usually aren't. And privacy certainly isn't sacred. Maybe that's two or three rules, I don't know. But one thing's for sure, simple common sense will keep a lot of spam out of your inbox.
All in all, the study produced some interesting information. Though of a slightly technical nature, many of our customers may find this information informative and useful in helping combat the flood of spam they receive. It has also given us some interesting insights into how we might better educate our customers and design their Web sites as to prevent spam harvesters.