Technological progress is like an axe in the hands of a pathological criminal.
— Albert Einstein
With new technology, comes new concerns. In the case of electronic mail, it is that of spam. At least when we get junk mail at home, we can quickly sort through it and drop it into the recycle bin. The fact that you have to pay someone to print and deliver the flyers does serve to deter companies from filling up everyone’s mailbox with non-addressed mail. Spam, on the other hand, can be sent for almost free. I guess they must make some sales out of it, or you would think that they would have given up on the tactics long ago. But where do they get email addresses to spam? Unlike delivering flyers, where you can just walk down the street, you have to actually know someone’s email address.
From what I’ve gathered over the years, spammers gather email address in three main ways:
- Ask you for it — You are thinking, “I would never give my address to a spammer!” and you probably wouldn’t, if you knew what you were doing. Sometimes websites will ask for your email address for mailing lists or registration, and then sell it over to spammers. Reading website’s privacy policies can be helpful, and respectable websites realize this isn’t a good way to keep up a reputation.
- Find it on the web — In much the same way that search engines go over the web, spammers can write little programs, called robots, that “crawl” the web, following the links on pages and sending the email address they find back. These addresses can be in the text you read when you view the web page, or it can be hidden away in the HTML coding that typically only web programmers, web browsers and robots care to look at. This is why many sites warn you not to post your email address on the web.
- Buy it off someone else — Sometimes spammers with a little money and less technical know-how or time will buy lists of email addresses. The advantage to this, for the spammer, is that you can get lists of “confirmed” emails.
So how do you get around this? The simplest way is just not to have an email address, but for most of us, this isn’t a practical solution. Another option, as I did when I set up this website, is to have a “public” email. But I came across an ingenious solution this last week - put your email in an image. This works much the same way as “word verification” does on this site. As long as you don’t put your email in the name of the image or the alternate text, your email is safely hidden away. Nexodyne provides a free service to do this (http://services.nexodyne.com/email/). One of the cool things about this website is that it will allow you to generate the image and save it locally, and they provide an encrypted link that allows you to serve the image directly off their server.
Here’s the copy from their server:
and the local copy:
Very cool idea!
(This post was also updated on April 3, 2007)