Thursday, November 16, 2006

bob at example dot com: A Great Way to Give Spammers Your E-mail Address

Author: Nick
Category: Money
Topics: ,

world wide waffle

Somewhere in the course of recent internet history, the following advice seems to have spread like wildfire:

“If your e-mail address is bob@example.com, you should never spell it out on websites or message boards as bob@example.com. Junk e-mailers have these ’spider scripts’ which can harvest e-mail addresses from websites if they’re printed in their standard form. Instead you should say something like bob at example dot com.”

And so that’s what lots of people do on the internet…

My e-mail address is smart_dude at yahoo dot com

If you have questions about this offer, please contact sally at smartbusiness dot org

Hey d00d fr33 nak3d chiXoRz: nak3d_chiXoRz at omg-super-hot-girls dot yum

Hooray, address-harvesting spiders are defeated forever! Peace on earth, good will yadda yadda.

Guess what? Every time you say “bob at example dot com,” you have just told e-mail spammers that your address is bob@example.com.

But but but I didn’t have the funny little @ and the . is a dot so I’m safe, right? Right???

No! You’re not safe, Mr. Italics Bold! That’s because e-mail harvesting spiders can read and interpret “bob at example dot com” just as well as they can read “bob@example.com.” It’s as simple as programming the spider script to look for ” at ” in addition to “@” and ” dot ” along with “.”

Oh okay. So I’ll just come up with something more clever, like “bob -is at- example -period- com.” I am so smart!

No! You are so lame, Mr. Italics Bold! Spammers can just program their script to start with the “com” and work backworks, trying any number of combinations. It might pick up “example@period.com” and “is@example.com” as e-mail addresses, but it’ll also catch “bob@example.com.” And sending a single junk e-mail is virtually free, so spammers can still come out ahead even if only one out of thousands of e-mails they send actually hits a valid user!

I’m scared of the internet now! Time to go live in a cave! Call me when they fix this.

Sorry, Mr. Italics Bold, but this problem won’t be going away anytime soon. But there are some things you can do to protect yourself and your e-mail address from unwanted solicitations:

  • Protect your e-mail address like you would your home address or phone number. If I put a form on this website asking you for your home phone number, would you fill it out? Heck no! You don’t want me calling you up at three in the morning. You might need to give out your e-mail address to more places than you do your phone number, but you should think long and hard each time you do it.
  • Never post any part of your e-mail address in text form in a public location on the internet. As described earlier, it’s easy as spam pie to harvest those addresses, even if you obfuscate it with seemingly invalid syntax. Really, if you wanted to make “bob at example dot com” tricky enough to hide from spider scripts, it’d probably be too hard for people to understand it, too.
  • Use alternate means of communication in public areas. If you need to post a method of contact in a public location, your personal e-mail address is not the way to do it. On message boards, instruct users to send you a private message (or “PM”) through the boards’ own messaging system. In other places, post a single-use or temporary e-mail address like those you can get at Mailinator. For more permanent setups like website contact pages, consider a form-based solution with a captcha and spam blockers to filter unwanted messages.

If you’d like more information on this subject, please input your e-mail address in the following form.

Your e-mail:

Hey, hey, hey! What’d I just finish saying? Don’t give out your e-mail address just because someone asks you for it!

But in all seriousness, go ahead and fill it out if you’d like more information.

Your e-mail:

What’re ya doin’??? Stop filling out random forms and go do something useful.

Punny Money RSS Feed Punny Money RSS Feed
TrackbackComment RSSTechnoLinks

9 Responses »

1.

The Sarcasticynic
November 16th, 2006 at 7:36 pm

Yeah, it’s a pity that for each user who would send you something legitimate, there are fifty spammers looking to clobber you with their nonsense.

2.

Nick
November 16th, 2006 at 10:53 pm

Hahaha, there were exactly 50 spam comments caught on Punny Money between your comment and the previous one.

3.

The Sarcasticynic
November 17th, 2006 at 7:12 am

I rest my case!

4.

moneysmartlife
November 22nd, 2006 at 1:28 am

You can always put your email in an image to beat the bots. I found a cool tool over at http://www.sr-ultimate.com/gmail-signature. You can see an example of how it looks at, http://moneysmartlife.com/img/sig.png

5.

Nick
November 22nd, 2006 at 9:52 am

That’s not a bad idea, moneysmartlife. Glad I thought of it when I started this here interweb site! :)

Of course, it only takes one person bent on revenge to submit your e-mail address to every subscription link on the internet, so even that’s not full-proof.

6.

denon
December 8th, 2006 at 11:36 am

It’s funny how quickly people forget that OCR is a very mature technology these days. I’ve actually seen web spiders that do an incredible job at OCR’ing images - even ones that are deemed to be relatively obscure. Of course, if you use an image generator, it’ll be even easier as they’ll have seen a thousand others like it. :)

hmm .. looks like this goofy guy wants me to put my email in to submit this comment…. ;)

7.

mapgirl
June 25th, 2007 at 9:05 pm

ok. Now you’re making me paranoid! That’s why I have an address listed just for blogging which says “Google’s mail service” instead of a domain name. I figure if they’re too stupid to figure out what that means, I don’t want them to email me anyway. (I’m not joking about that.)

8.

Bob Holness
December 24th, 2007 at 6:39 am

Hey! Stop publishing my email address on your blog. My spam has increased drastically since you wrote this article.

9.

Obbop
January 26th, 2008 at 1:48 am

Sheesh, so easy to beat the bots.

Just use heiroglyphics when writing thine e-mail address.

Leave a comment

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

u comment, i followPlease note: By posting a comment, you agree to abide by the Comments Policy. Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

Previous: Free $100 (or More!) Gas Cash-Back Certificate for Citi Cardholders
Next: Nick Speaks to Artists and Art Lovers at AnimeUSA This Weekend

 

 

Stay on top of market activity and trade with confidence using real time markets .Click here to Download bettertrade product .

Visit RapidAdvance for a great alternative to a business loan.

Bad Credit Payday Advance - Simple online form and introduction to short term loans with no credit checks.
Car Finance - Car Loans for bad credit. Apply online now.
Highest CD Rates
Cash Loans
Loan for people with bad credit
Car Insurance
Payday loans

Search

Search personal finance sites

Topics

Archives

 

  • Clean Credit - we use our v phase process to clean your credit by auditing the credit bureaus and creditors