Revealed: The Source of Mystery Messages

Category: Email , Privacy

Today I heard the story of a man who visited a website, and later got an email from that site, even though he never provided his email address. He found it disturbing, and you probably will too, when you learn how and why this is happening. Read on to learn the source of mystery messages...

Unsolicited and Creepy Emails

Heshie Brody and his wife recently had a baby, and were shopping online for some baby-related items. They filled out a form on the website, but stopped short of making a purchase. About 10 minutes later, Heshie got an email from the company, reminding him that he hadn’t yet completed his transaction. His first thought was “This is not ok.” He never pressed the Submit button to send his personal info to the website, but somehow they had his name and email address.

As I was reading this story, it reminded me that sometimes I also get emails from websites that I’ve visited, without making a purchase. Maybe you’ve seen them... emails that say “You left items in your shopping cart, click here to complete your purchase.” In some cases, I might have ordered from them previously, so it’s understandable that they would have my email address. (Still annoying, because I didn’t “forget” to complete my purchase. I just decided not to buy, or bought it elsewhere.)

In other cases, it was unclear to me how they got my email address, without me ever clicking the Submit button on an order form. That is, until I read about Heshie Brody’s experience. It turns out that the website he was on uses a technology called "AddShoppers Email Retargeting® Co-op + SafeOpt® Consumer Rights Management Integrated Platform".

Mystery Messages in your email

AddShoppers claims to have a network of over 150 million shoppers, and by capturing the activity and information that shoppers enter on a website, they can “resolve customer identities and deliver email regardless of customer email acquisition.” In plainer language, Addshoppers combines bit and pieces of customer data from a large network of ecommerce websites. And if you’ve made a purchase on any of them, that information will be shared with the rest of the network.

Here’s an example of how that might work. Let’s say Isabelle buys a pair of shoes on Website A, which logs her personally identifying information with the AddShopper network. Days, weeks, or months later, she visits Website B, starts the process of ordering a new dress, but after entering just her name on the order form, she gets a phone call from a friend. Ten minutes pass while they chat. Behind the scenes, Website B was silently monitoring where Isabelle had clicked and what she typed.

Based on her name, and perhaps other information they can glean such as her device type, operating system, and IP address, they query the AddShopper database. “Hey AddShopper, do you have anyone named Isabelle Ringing that owns a Pixel 3 smartphone running Android Version 10? Based on her IP address, we think she’s in the Chicago area.” If there’s a match, AddShopper will provide Isabelle’s email address, and before she finishes her phone call, she gets an email from Website B that says “Hey there, Isabelle… do you still want that dress?”

Disturbing Questions and Another Example

At this point, Isabelle may be asking a few questions. “How in the world did Website B get my email address? Who gave it to them? What else does this creepy website know about me, and who will they share it with?” The fact that these online stores have a privacy policy that spells out how your privacy will be violated provides no comfort at all.

I have an even more disturbing example that deals with smartphone technology. A few months ago I walked into a CVS drugstore, poked around a bit, and left without buying anything. The next day, I got an email from CVS that said something along the lines of “Thanks for visiting your local CVS store at [address], here’s a coupon for your next visit.”

Talk about creepy. I don’t have a CVS app on my phone, and as far as I know, I had never provided my email address to them. This type of privacy intrusion must rely on GPS tracking, a technology like AddShopper that builds consumer dossiers as folks roam about online and offline, and some other secret sauce that I can’t figure out.

I looked at the CVS privacy policy, and found this: “We and our service providers may collect the physical location of your device by, for example, using satellite, cell phone tower, WiFi signals, beacons, Bluetooth, and near field communication protocols, when you are in or near a CVS store. We may use your device's physical location to provide you with personalized location-based services and content, including for marketing purposes.” I’m not picking specfically on CVS – I’m sure this happens all over the place. But it does give me an icky feeling when it happens.

You can use a disposable email address (see How to Fight Spam With a Disposable Email Address) when shopping, or turn off the Location Services on your smartphone to foil some of these tactics. But the bottom line is that privacy, in terms of where you go and what you buy (both online and offline) is fast eroding.

Has anything like this happened to you? What steps did you take to boost your online privacy? Please post your comments or questions below.

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 9 Jun 2020

For Fun: Buy Bob a Snickers.

Prev Article:
Money Saving Tips For Online Shoppers

The Top Twenty
Next Article:
Fileless Malware: Are You Exposed?

Most recent comments on "Revealed: The Source of Mystery Messages"

(See all 40 comments for this article.)

Posted by:

Sharon C Scian
09 Jun 2020

I was amazed when I got an email that told me all the places I had visited on the day I ran some errands.

Posted by:

09 Jun 2020

The other day I called a restaurant I have never visited. Told the person on the phone that I wanted to order dinner for take-out. She said "That order would be for "! I asked how she knew this, and she said it is a service they subscribe to. Sounds like your AddShoppers outfit!

Posted by:

09 Jun 2020

Yes-I am up to date on why I get E-mail for a item that I clicked onto 3 weeks ago from another web-site ,but this is the one that caught me off-guard.I was looking at senior citizen's apartments, 3 weeks later I get a call from one of them [no-I did not have to put in my e-mail address on any of them] I get a phone call asking me to come in for a walk thru. The only thing I could think of ,was they hooked up to my cookies and IP address ,she did not tell me how she got my phone #.

Posted by:

Stukahna Sandbahr
09 Jun 2020

Give 'em the number of the political commitee you don't like.

Posted by:

Dan Valleskey
09 Jun 2020

What do you think of stores requiring you to show the back side of your drivers lisc. so they can scan it to verify your age? What else can they learn from that bar code? Yet another way we are being watched, I think. I have stopped shopping at Kroger when they insisted I show the bar code. BTW, I am no kid, 63, gray haired and bald.

Posted by:

09 Jun 2020

Keep marking all junk as phishing (after all, that's what they're doing)--- maybe someone will get the hint & do something about it.

Posted by:

Brian B
10 Jun 2020

It sounds like personal privacy has ceased to exist in the US. In most counties this would be totally illegal. The first example is considered key logging, and the second considered phone tapping where I live, both of which are illegal.

Best policy here would be to let the firms involved know that you consider both policies wrong, and tell them you not be shopping with them again in future.

Posted by:

10 Jun 2020

I recently read the novella, The Machine Stops, by E.M. Forster. He warned of this as long ago as 1909, but even more concerning, he described what could go wrong - if the machine stopped.

Posted by:

keller christian
10 Jun 2020

they are getting to me from my computer for just looking at things and they know what i have been looking at ,,question is how

Posted by:

10 Jun 2020

My complaint is that after I've made a purchase, I I get way too many pop-up ads suggesting that I purchase the item(s) again. It gets tiresome. Still I like being able to shop onliune.

Posted by:

10 Jun 2020

Once again I feel completely justified: I don't own a smartphone and I get along just fine, living peacefully and happily and out of the reach of the marketing mafia.

Posted by:

10 Jun 2020

Sometimes the consumer wins. My husband was investigating shoes and ended up with them appearing twice in his shopping cart before he decided not to buy and logged out. He ignored reminders that he had goods in the cart. Next thing the order turned up at our post office box with no payment made. (They had his address but no billing details.) Two pairs of shoes for free. No request for payment has ever been made.

Posted by:

10 Jun 2020

Some five plus years ago - I was sitting astride my motorcycle having just left a food mall when my Android said it wanted to talk to me. Upon opening Google there was a message saying, "We notice that you have just visited the premises of ABC Food Mall
and would like you to give an opinion as to the level of service that you received there"

This was enough for me to disable all GPS systems until this day notwithstanding complaints from visitors wanting my Location hahaha.

Posted by:

10 Jun 2020

If these intrusive emails rely on IP addresses, a VPN might block some of 'em. That and using throw-away email addresses.....

Posted by:

10 Jun 2020

I just wonder why people open emails from places they don't know.
Even more odd is reading text messages from weird origins.
I would suggest going back to landlines and binning the cell phone but then I'd be told to use a tin can and string. It was always easier to shout so that's out as well.
Believe it or not I have never sent a text message on a phone or read one sent to my phone AND I haven't dropped dead yet!

Posted by:

10 Jun 2020

I've noticed that with Instagram particularly, if you fill out a form there but don't buy anything, you will get an email from that ad.

Lately, I've been getting emails "for" someone I no longer am in touch with, they hit my spam folder, but hovering the address shows they're from all over the world. She's not. Never clicked a link, nor would, but it is some new sort of scam.

Posted by:

Tom Willhoite
10 Jun 2020

Upon opening my laptop I continue to receive a window message stating "there is a problem with your Microsoft account. Press here." This almost certainly is a phishing expedition and I will never click here on that or any other such "notice.". However, it is aggravating to see it each time. How can I get rid of it without "clicking here?"

Posted by:

17 Jun 2020

I have never enabled internet access on my phone - I still get text messages which come over the cell system, but never any internet's a phone - I make calls, I'm on my PC basically all day, why do I want to have to squint at the internet on my phone's silly little screen - sorry phone you are basically just a nuisance....I killed my house phone many months ago, and now speak to only people I want to hear from !

Posted by:

Gary Battel
19 Jun 2020

Just the other day, I received a letter in the mail, from a health care organization. They wanted me to participate in a health study, because I had "two of the following health care issues, or possibly others". They then listed 3 conditions, neither of which is a problem for me. They also said that it wouldn't cost anything, since I have supplementary insurance.(However, I'm sure this is not true, since my supplementary insurance kicks in only under catastrophic expenses.) I haven't had any direct dealings with this company, and I have no idea how they know anything about my health (although not very accurately). This is disturbing to me.

Posted by:

22 Jun 2020

Mine is not a shopping experience, but a bit scary nevertheless.

A business proposal was emailed to me and I indicated I was not ready to consider it yet. They followed up with a phone call which I did not appreciate. After a while they stopped harassing me.

One day I reopened that email to take a another look, and the phone immediately rang. Seems they had a system in place to monitor my interactions with their previous messages, and knew I was reading the email just at that point.

There's more reader feedback... See all 40 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- Revealed: The Source of Mystery Messages (Posted: 9 Jun 2020)
Copyright © 2005 - Bob Rankin - All Rights Reserved