Revealing Your Email Address
Last week I did a search for dolls (I'm a collector) and accidentally wound up visiting an adult site that sells dolls of a very different sort! Now it seems like I'm getting a lot more adult-related spam than ever. So here's my question: Can just visiting a website reveal your email address, without your knowledge or permission? If not, how do spammers get my email address?
Can a Website Grab Your Email Address?
I get this question a lot, and it's a common misconception that simply viewing a website with your browser will reveal your email address to the operator of that site. It's simply not true. Unless you do something to explicitly provide your email address, there is no way for a website to glean that information without your consent.
It is true that visiting a website does make certain bits of information available to the site owner. This includes the IP address assigned to your computer by your Internet provider, your operating system and web browser, the date and time, and the address of the referring web page. But none of that information can be used to identify you personally. The IP address can be used to determine the name of your Internet provider, and in some cases a very rough geographic location. See Does IP Address Reveal my Physical Location? for more information on that topic. But simply visiting a website will NOT reveal your email address to anyone.
So why do some people get spam about a certain topic after visiting a website related to that topic? Pure coincidence. Unless, of course, you GAVE them your email address. That could happen if you signed up for a newsletter, registered for a forum or chatroom, entered a contest, or made a purchase. Some sites try to trick you into sending them an email (and thereby revealing your address) by using a mailto: link. But your browser will present a warning (see image at left) if this is attempted.
Here's one caveat... if your system is infested with spyware and/or viruses, anything can happen, from annoying spam and popups to devastating identity theft. For more help on keeping your computer safe form malware, protecting your inbox, and spam blockers, read these additional articles:
Got comments on this topic? Post your thoughts below...
This article was posted by Bob Rankin on 28 Nov 2006
|For Fun: Buy Bob a Snickers.|
What is Broadband?
The Top Twenty
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Revealing Your Email Address (Posted: 28 Nov 2006)
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Revealing Your Email Address"
29 Nov 2006
Bob, Folks should take an extra few steps, starting with the purchase of a computer. Many folks will buy it without the OS installed but the shop will put on which one they choose. They'll save money if they already have an OS if they bring it in with them to save the lic. fee. Right there and then they should instruct the installer to ONLY use letters or numbers, never their name as the "owner." Me, I use "X" and my spouse's computer is "Y". Ditto for installing MS Office and the like.
I once found a guy who used to post in a forum and then disappeared - or so it seemed. He changed his "handle" and became a new persona. Too bad he didn't know that MS Word tags the headers of files with the owner's name. One day he posted an instructional ".doc" file. I grabbed it and there, as big as life, was the name "Tony ..." on the header. Folks unknowingly can give away clues to their identity just by entering personal data installing software. Thank MS for that!!!
Some ISP's, such as Earthlink, will give you "disposable" e-mail addys so you can track who is lying about their policies. So, if you go to a Website that demands your addy, use one of the disposable ones for that site only. You can check that addy via Earthlink Web mail system and see if you get any posts other than from the site, itself.
Now that the holidays are here and folks will be purchasing on-line, they should know most major credit card companies will give them as many one-time e-mail addys to use as they need for use with credit card purchases.
29 Nov 2006
Bob, One of the big ways people are getting their email addresses into the hands of spammers these days is email forwards. That was a bit of a surprise to me, but you know how you get those jokes and stuff and people have left all the previous headers intact? Sometime there are hundreds of email addresses listed. All that has to happen is: (a) it lands on the desk of someone who is harvesting email addresses. (b) it lands on the desk of someone with a virus (or 10) that harvests email addresses.
So ALWAYS strip off the headers before you forward those jokes. And teach your friends to. Also, if you install the free SiteAdvisor (now owned by McAfee) it will warn you of sites that have virus or adware laden downloads or send spam if you submit an email address. Its saved me a couple of times on what should have been legitimate sites. http://www.siteadvisor.com/
07 Dec 2006
There actually IS another devious way sites can get your email address (or any other potentially sensitive text info)without you having given it up voluntarily. If you have copied it to your clipboard and your IE security settings aren't just right, then this info CAN be extracted easily.
Unless you have disabled or at least set it to ask, then the setting "Allow paste operation via script" will potentially let a site read whatever the text contents of your clipboard are, including your email address! I kid you not!
You can check it out for yourself! Go to Tools->Internet Options->Security-> Custom Level... scroll down to "Scripting" and then just for this test, set it to "Allow". Now copy some harmless text and then go to this site and see.
It will tell you EXACTLY what the contents of your clipboard are!!
EDITOR'S NOTE: The default setting (in IE Version 7) for this option is to NOT allow access to the clipboard in the Internet Zone. Unless you specifically turned it ON, you won't have this exposure. Users of IE 6 and earlier, might be exposed.
18 Dec 2006
This does not address the problems of "super cookies" which can read other cookies, but does shed light on how stalkers can get more information about you then you might suspect.
29 May 2007
Is it possible to use a free email provider (Yahoo, Hotmail, etc) so that people can not trace back to your original IP address? I don't want to hide my email address, but don't necessarily want people to be able to trace my email back to my name or physical address...
EDITOR'S NOTE: See http://askbobrankin.com/anonymous_web_surfing.html
14 Jun 2007
I would like to know how best to handle the presentation of my email address or for that matter any email address on a web page so that it can't easily be mechanically harvested?
EDITOR'S NOTE: You can try something like addressmunger.com, but it's not foolproof. A better solution is Formmail, which gives you a feedback form that completely hides your email address. See http://www.scriptarchive.com/formmail.html
24 Oct 2007
Automatic out of the office emails may alert spammers that your email address is live. I never use them.