Leaving your “personal” email address on the web can make you vulnerable not only to spam, but also to Malware.
A lot of spam and MALWARE (but not all) comes from “harvesting” programs that spammers AND MALICIOUS mailers use to “harvest” email addresses left on Internet pages. Some spammers can also harvest addresses from “Forwarded” emails.
So, to eliminate the Internet page source of spam and Malware via your “personal” email address, there are three things you can do:
1) NEVER leave your “personal” email address on the Internet.
Now there are some sites that absolutely INSIST that you leave an email address – like when joining discussion groups, when making a purchase, setting up your profile for your Health Insurance web site, Online banking, etc.
For that requirement, see point #3.
2) On discussion group postings, always “mung” your email address if you want to post it. “Mung” means to disguise it. (“Mung” comes from “Mash Until No Good” as opposed to “Munge” which applies to passwords and comes from “Modify Until Not Guessed Easily”).
For example, one of my email addresses (see point #3 for why I have more than one) is rbjamie [at] gmail DOT com. Notice that I typed out “at” instead of using the @ symbol and “DOT” instead of the “.” symbol before a domain. That’s “munging”. Most harvesters look for the @ symbol to get email addresses and some even look for the @ symbol associated with a “.” domain, so if you leave out the @ symbol by typing “at”, the harvesters will not identify it.
However, spammers are getting more sophisticated tools, and harvesters may now look for “at” when it’s typed out – which is why I put it in brackets too. But then they may look for “at” in brackets too – it’s a real cat-and-mouse game.
3) This is the Tip that’s Most Important
Get an Internet Email account – such as Yahoo, Gmail (Google), or Hotmail (Microsoft) IN ADDITION to your ISP’s Email account (I call that one your “personal” email). Most of them are free.
For Internet stuff, leave your Internet email address. That way, even if spammers figure out a way to harvest your munged address, spam will only be delivered to your Internet Email address. And some of these IMAP accounts (Web Mail) have excellent spam filters anyway . . . most notably gmail.
It’s like having two snail mailboxes. One is for junk mail only, and the other is for “personal” stuff, like correspondence from family or friends and bills.
Here’s another point on this “two email” strategy. Give your uncontaminated “personal” email address to trusted family members and friends ONLY. And ask them not to forward chain emails and jokes unless they use your Web Mail address. (Actually, forwarding that stuff takes up excessive amounts of bandwidth needlessly, but that’s another topic for another time).
If you have to give an email address to verify yourself for certain blogs and Forums, you could always use a disposable email account like http://10minutemail.com. The email address last just long enough to verify the email then it just gets deleted. Take a look.
Nice find Brad! And a great way to keep your personal email hidden.
Sxipper (firefox add-on) has a disposable email function that will generate a 1 time use email and automatically forward it to your legitimate email address — worth a look if you’re trying to to gain security through obscurity (which we all know isn’t too helpful in the event that somebody specifically targets your account)
Mike,
Excellent find and I am glad you shared this. I have used this add-on and it works very well.
Thank you!
I use a separate account at mail.com, all the junk goes there and also allows me to sign up for some of the nastier places to get inside and peek around….not recommended for the average user LOL
It’s good to have a completely separate email account when having to enter such details online as more and more scammers are harvesting them and selling them on. Any good site will allow users to change their details if they need to.
Beyond that, I get a fair amount of spam on my site but the filters catch most of it but they are persistent in their attempts.
I didn’t mention these temporary email things in the article simply because I had written it several years ago and I did not use anything like that then. I was hoping the topic would be addressed in these comments, and it look like it has been done very kindly.
I have the “spamavert” add on (Colin turned me on to that one), and I installed Mike’s “sxipper” add on too . . . will the two connflict? It looks like maybe they do the same thing, except maybe sxipper forwards a notification to your regular email.
All I really want sxipper for is the disposable email, not all the other stuff like password storage and form filling.
I’m still messing with the settings for sxipper and don’t really have my arms around it yet. Have to read that sxipper help page. Any tips Mike?
I don’t agree with using at and dot if you are really being careful.
To collect email you need to write a program to look for the character @ then:
1 collect each letter prior to @ until you hit a space
2 collect each letter after the @ until you hit a space
one step slower (because “at” will appear more often than @) of a program will look for the characters at followed by a space, then collect letters forward until it hits a space
then
after the space if the next character set is one of the following dot ‘dot’ “dot” (dot)
collect it then the next set of character until you hit a space.
If you want to write out you address you can say my gmail address is UserName
If you can assume that people are smart enough to figure it out, my address is UserName@geemail.com or UserName@Yahooo.com
I have my name as a domain name, but I use gmail because it works like a free filter. Collect all my email and let me decide what is good and only the things that I really want make it to the real email address.
Actually, the address I used to post this comment is my filter address in gmail. Then I have my ‘real’ gmail address that people know then I have my domain address which very few know.
Mac,
There are many methods, but this one will prevent harvest programs from grabbing your email.
Great article and I have been careless of this in the past! I have spam in every corner of my life it seems:( You deserved a stumble:)
Dede,
It’s a always the simple things we overlook, I do it to. Thanks for the comment!
Also a great online tool for temp email addresses is spamgourmet. You can create temp addresses on the fly in the following format:
unigue name.number of emails you want to recieve.your nickname@spamgourmet.com
The email is automatically created and after the number of emails you set the rest gets eaten. You can increase the number manually afterwards on the site.
Thank you for your help!