Protect Email Addresses From Spammers

According to the latest stats I have seen, spam (unsolicited bulk email – UBE) is growing at an alarming rate of 1.2% per day. That means that the amount of spam delivered today was 1.2% more than yesterday and tomorrow it will increase again. I wish I could say that about my savings account. Nevertheless, there are some things you can do to protect your email address from spammers.

The Problem
First of all, let’s understand how it is that spammers get a hold of your email address in the first place.

1. Opt-in registration – you agree to receive solicitations from “legitimate” sources.

One of the simplest methods spammers use for getting spam-able email addresses is buying lists from websites who collect email addresses as a part of their normal activity. Some of these lists were created in “legitimate” ways such as having an “opt-in” check box on a registration. Often these opt-in check boxes are checked by default and the user has to un-check it to avoid getting on the list. Or, they are cleverly worded in order to get the user to not only agree to receive “legitimate” updates and offers from the website, but also anyone to whom they might sell their list. Deep within their terms of use you might find that by providing your email address you are “opting in” to having your email address sold like a cheap hooker to anyone willing to pay. Of course, you won’t know about that unless you actually read the legal stuff on a privacy policy or terms of use page.

2. Your email address was compromised by poor security or an inside job.

Websites that store personal information online must secure that information so that hackers cannot get to it without great effort. Nothing is fully hacker-proof, but strong server security is a hard target and in most cases the would-be intruders move on to an easier target. This is not often the case with smaller companies and start-ups. They often use shared hosting and never give a thought to security. They often do not comprehend the simplicity of hacking an insecure site.

Additionally, even secure companies can’t always prevent an inside job. The bigger companies who employ an IT staff that knows their way around the security email1and1 may be compromised by a mole. This would be someone who steals the email list and sells it to anyone willing to buy it. There is no way you or I can avoid this scenario. If there is a dirty employee, only the company can stop them and they usually don’t until it already happened once.

3. Your email address was harvested by a harvester bot.

A harvester bot is a program designed to crawl through the code and content of your website much like search engine crawlers. However, these evil bots have one thing in mind as they scan through your html code: email addresses. I have seen a new email address that I created for one specific purpose without any safeguards and saw it get spammed within a week of being posted. The longer it was up, the more spam it received. Once this happens, that email address is compromised. There is NOTHING you can do to un-do it. The damage is done.

4. Dictionary harvesting – guessing common email addresses.

This is where you may create email addresses for various reasons. Info@, or contact@ are examples of common email aliases or address used by website owners. The problem is that these are too common and easy to guess. Even personal email addresses like” sally775@y*hoo.com” can be guessed. You may take all the precautions to prevent compromise but if the email you are protecting is a common generic email address, you will lose the battle.

Suggested Solutions that will truly work
1. Never opt-in to receive promotional email from anyone at all!

The truth is that you never know who is going to sell your email to some spammer. Moreover, the list might be stolen by some sneaky employee who sells it to spammers without the company knowing about it. So, when there is an option to opt-in or out… opt-out every time.

2. Use “disposable” email addresses when registering with websites or posting contact info on your website.

A disposable email address is one that you create with the idea that if it were to be compromised, you can ditch it without much hassle. For website owners, it is very wise to use a disposable email address for your published contact email. If the spam starts to come in torrents, you simply shut it down and replace it with a new one. For business cards, stationary, or direct client contact it is best to use a more permanent email address rather than a disposable one.