If you are anything like me, you've noticed that you are
getting a lot of spam lately. How the heck do these spamming
jerks get our email addresses anyway?
Web sites -
There are quite a few inexpensive programs
(usually less than a hundred bucks) which automatically scan
web sites for any email addresses. These are called email
spiders, and they are becoming very, very aggressive. If, like
many people, you have your email address coded into your web
site (using a "mailto:" link), then the spiders can pluck it
right off your own pages.
To prevent this, it's wise to simply not include your email
address anywhere on any web site. If you must post an email
address, be sure it's not your primary address (in fact, a
throw-away free email address is perfect for this purpose). If
you must post your real address, you can hide it by using
forms or by placing the email address in a graphic image).
Guestbooks -
Likewise, if you've signed guestbooks, then the
same email spiders can get your address from them. Many
spammers specifically program their harvesters to look for
email address-rich guestbooks.
It's a fantastic idea to use one of those free email accounts
for your guestbook signing.
Signing up for free stuff< - Perhaps you like to sign up for
free stuff or newsletters? If so, it's likely that at least
one of them either was a spammer, or sold your email address
to one. Again, it's a great idea to use one of those free email
accounts to sign up for newsletters and free stuff.
Guessing - It's also possible the spammers just made a good
guess at your email address. I mean, if your name is "John
Smith" and your email address is "john.smith@primenet.com"
then it's easy for them to figure out. The new .NAME domain
name makes this even simpler - the format is merely
"first.last.name" for the web site and "first@last.name"
for the email address.
Replying to spam - You may have made the mistake of replying
to spam sometime in the past. Why is this a mistake? Because
when spammers send you a message they think they have a good
email address - once you reply they know they got a good one
without a doubt.
Email messages - A friend of yours may have sent an email to a
list using "cc:" instead of "bcc:". This basically hands all
of the email addresses in the "cc:" to everyone on the list.
To prevent this, you need to educate your friends on the use
of "Bcc:".
Internet listings - You may be listed in one or more of the
various internet white or yellow pages. It's a good idea to
check these once in a while and delete your email address
when you find it.
Newsgroups - If you've posted to newsgroups with your real
email address, then you've simply given it away. This is one
of the spammers favorite places to get new email addresses.
What they do is harvest email addresses by the thousands using
automated software especially designed for this purpose. To
make it even worse, newsgroup postings are available forever
(especially now that they are supported by Google), which
means even one posting leaves your address exposed to the
world.
Domain Name Registration information - It's a legal requirement
that all domain names have valid contact information. In
addition, this information is freely available to anyone, in
the same way that land ownership records are publicly available
at the local city hall. Spammers (and the domain registrars
are often guilty of this sin) will interrogate the WHOIS
databases for these email addresses.
Mail Servers - Some mail servers allow people to request a
list of all of the email addresses for a particular list. This
is a normal function which allows administrators to back up
the list and to find out who has subscribed. However, poorly
configured lists allow these addresses to be returned with
minimal security. Some spammers know this and will regularly
test lists to see if they can get the addresses.
Mail Server Lists - These days this is more uncommon, but
sometimes spammers will get the names of mailing lists and
just send their spam to the lists, allowing the list server
to send it to everyone on the list. Most lists will not allow
non-subscribers to send emails (although some very poorly
configured ones will), but subscribers are a different issue.
Good moderation can prevent this from occurring, or at least
reduce it's frequency.
It is inevitable that you will receive some spam. However,
with a few precautions you can reduce it to a nuisance instead
of a major chore. Learn to treat your primary email address
as a valuable commodity and you will be getting off to a good
start.
AOL Profiles - A rich source of email addresses is from AOL
(and other) profiles. These are very easy to access and it's
extremely common for spammers to attempt to do so.
Message Board Profiles - Be careful when entering your email
address on message boards, especially in the profile. These can
be retrieved by email harvesting programs. If you must include
a publicly available email address, then either use a filtered
account (such as spamcop.net) or a throw-away free email
account.
IRC and chat rooms - It's pretty straightforward for spammers
to harvest email addresses from IRC (a form of chat room) and
AOL chat rooms. Use throw-away email addresses for use only
when chatting - never use your primary email address.
Previous owner of domain - If you purchase a domain that's
been previously used, you also inherit any spam that might
be emailed to that domain. In fact, occasionally domain names
are abandoned because the volume of email is so huge that it
cannot be sustained by a server.
Previous owner of an email address - If you happen to create
an email account which matches a previous email account name,
you will inherit any spam that's being sent to that address.
Paper forms - Don't forget the value of paper. It's not unheard
of for a spammer to grab a printed copy of a mailing list off
someone's desk, then type that list into a computer.
Purchasing Lists - Email lists can be purchased from a person
or company. In fact, it's possible to make quite a bit of money
selling a list to a spammer, especially of those members of a
list are known to have purchased something in the past.
By hacking into a system - It's reported in the news
occasionally that some database has been stolen. Usually this
involves credit card information, but oftentimes the email
database is stolen as well. These databases may be sold to
spammers upon occasion.
Social Engineering - This occurs when someone convinces
another person or company to give them an email address.
This might be the result of a chain letter or some offer via
email (for something free), or some other innocent-sounding
scheme.
Richard Lowe Jr. is the webmaster of Internet Tips And Secrets
at http://www.internet-tips.net - Visit our website any time to
read over 1,000 complete FREE articles about how to improve your
internet profits, enjoyment and knowledge.
