NewCreations Knowledge Base
Search the Knowledge Base:

Match words.

Help! How are spammers getting my email address?

There are many ways in which spammers can get your email address. The ones we know of are:

1. From posts to UseNet with your email address.
Spammers regularily scan UseNet (News Groups) for email address, using readily available programs designed to do so.

2. From mailing lists.
Spammers regularily attempt to get the lists of subscribers to mailing lists [some mail servers will give those upon request], knowing that only a few of the addresses are invalid.

3. From web pages and web forms.
Spammers have programs which spider through web pages, looking for email addresses, e.g. email addresses contained in mailto: HTML tags [those you can click on and get a mail window opened]. Or they scan the HTML for the email address the completed form will emailed to.

4. From "Guest Books" and various other web and paper forms.
Some sites request various details via forms, e.g. guest books & registrations forms. Spammers can get email addresses from those either because the form becomes available on the world wide web, or because the site sells / gives the emails list to others.

Some companies would sell / give email lists filled in on paper forms, e.g. organizers of conventions would make a list of participants' email addresses, and sell it when it's no longer needed.

WHOIS or Domain name registration forms are a favourite as well - addresses are most usually correct and updated, and people read the emails sent to them expecting important messages - but what can you do - you MUST keep your address current on your domain registration to keep your domain.

5. Via an Ident daemon.
Many unix computers run a daemon (a program which runs in the background, initiated by the system administrator), intended to allow other computers to identify people who connect to them.

When a person surfs from such a computer connects to a web site or news server, the site or server can connect the person's computer back and ask that daemon's for the person's email address.

Some chat clients on PCs behave similarily, so using IRC can cause an email address to be given out to spammers.

6. From a web browser.
Some sites use various tricks to extract a surfer's email address from the web browser, sometimes without the surfer noticing it. Those techniques include :

a) Making the browser fetch one of the page's images through an anonymous FTP connection to the site. Some browsers would give the email address the user has configured into the browser as the password for the anonymous FTP account. A surfer not aware of this technique will not notice that the email address has leaked.

b) Using JavaScript to make the browser send an email to a chosen email address with the email address configured into the browser. Some browsers would allow email to be sent when the mouse passes over some part of a page. Unless the browser is properly configured, no warning will be issued.

c) Using the HTTP_FROM header that browsers send to the server. Some browsers pass a header with your email address to every web server you visit.

7. From IRC and chat rooms.
Some IRC clients will give a user's email address to anyone who cares to ask it. Many spammers harvest email addresses from IRC, knowing that those are 'live' addresses and send spam to those email addresses.

8. From finger daemons.
Some finger daemons are set to be very friendly - a finger query asking for john@host will produce list info including login names for all people named John on that host. A query for @host will produce a list of all currently logged-on users.

Spammers use this information to get extensive users list from hosts, and of active accounts - ones which are 'live' and will read their mail soon enough to be really attractive spam targets.

9. AOL profiles.
Spammers harvest AOL names from user profiles lists, as it allows them to 'target' their mailing lists. Also, AOL has a name being the choice ISP of newbies, who might not know how to recognize scams or know how to handle spam.

10. By guessing and cleaning.
Some spammers guess email addresses, send a test message (or a real spam) to a list which includes the guessed addresses. Then they wait for either an error message to return by email, indicating that the email address is correct, or for a confirmation.

11. From white and yellow pages.
There are various sites that serve as white pages, sometimes named people finders web sites. Yellow pages now have an email directory on the web.

Spammers go through those directories in order to get email addresses. Most directories prohibit email address harvesting by spammers, but as those databases have a large databases of email addresses + names, it's a tempting target for spammers.

12. From a previous owner of the email address.
An email address might have been owned by someone else, who disposed of it. This might happen with dialup usernames at ISPs - somebody signs up for an ISP, has his/her email address harvested by spammers, and cancel the account. When somebody else signs up with the same ISP with the same username, spammers already know of it.

Knowledge Base Home


Questions? | OrderHome
All text and graphics © 1996-2001
NewCreations Network and NewCreations Web Design

NewCreations Network -
19019 International Blvd., Suite 131 Seattle, WA 98188