ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

How Spammers Get Your EMail ID And What You Can Do If Spammed

Updated on November 12, 2012

Mail Spam

Every day we get spam mails from unknown persons. Sometimes we delete them without reading, and at best we report these messages as spam to the respective email providers. Have you ever wondered from where these people get your mail ids? How do they manage to harvest our email ids?

Well, there are innumerable ways to get the addresses. I will try to outline a few of them below.

1. Mailing Lists

There are a lot of websites that sell email ids that are harvested using many of the methods detailed below. There are companies who get the email addresses legitimately and sells the list for some extra income. An example would be a magazine that asks subscribers for their email in order to keep in touch and send updates. These email addresses may include the ones that a company receives through other means as well. For example, people who just emailed the company with any inquiries or complaints.

Spammers regularly try to get the lists of subscribers to mailing lists, knowing that the email addresses will be live and that only a few of the addresses are likely to be invalid. Some mail servers will even provide these ids upon request. When mail servers refuse such requests,spammers useanother trick to get the lists. They will send an email to the mailing list with the headers Return-Receipt-To: or X-Confirm-Reading-To: Those headers would cause some mail transfer agents and programs to send back emails saying that it was delivered or read at a given email address, disclosing it to spammers. Another technique used by spammers is to request mailing list servers to send back a list of all mailing lists they carry. This is an option implemented by some mailing list servers for the convenience of legitimate users. They then send the spam to the mailing list's address, leaving the server to do the hard work of forwarding a copy to each subscribed email address.

Some sites request various details for their guest books and registration forms. Spammers can get email addresses from those either because the forms are available on the net, or because the site sells or gives the email list to others. Some companies would sell or give email lists on paper forms. For instance, event organizers make lists of participants' email addresses then sell the lists once the event is over. Some spammers actually type email addresses from professional directories and other printed materials available. Domain name registration forms are another favorite source of the spamers. Addresses are most usually correct and updated, and people actually open the emails sent to them expecting important messages.

2. Web Pages

Spammers use software programs that spider through web pages, looking for email addresses, for example, email addresses contained in mailto: HTML tags that you can click on and get a mail window opened.

3. Previous Owner Of The Email Address

People sometimes dispose their email address after using it for some time for a variety of reasons. This might happen with dialup usernames at an Internet Service Provider. Someone signs up for an ISP, has his or her email address harvested by spammers, then cancels their account. When someone else signs up with the same ISP with the same username, spammers already know of it. Similar things can happen with AOL screen names - somebody uses a screen name, gets tired of it and cancels it. Later on someone else might take the same screen name. Sometimes email accounts are created for some specific purpose and later discarded.

4. Yahoo People Search

Yahoo people search will show results with email addresses which can later be extracted using email extractor softwares easily.

5. Hacking

Sites that supply free email addresses are sometimes hacked in order to get the list of email addresses, similar to e-commerce sites being hacked to get a list of credit cards.

6. Accessing Same Computer

If a spammer access a computer, they can get a list of valid usernames and email addresses from that computer.

7. Address Book And Emails On Computers

Some viruses and worms spread by emailing themselves to all the email addresses they can find in the address book present in the computer they infect. Some people forward jokes or anything that they find interesting by email to their friends, putting their friends' email addresses on either the To: or CC: fields, rather than the BCC: field. These worms and viruses scan the mail folders too for email addresses that are not in the address book. Such viruses, malwares and spywares will not only spam copies of itself, but also send the extracted list of email addresses to it's creator.

8. Guessing

Spammers sometimes guess email addresses and send a test message to those ids. Then they wait for either a confirmation or an error message to return by email, indicating the status of the ids. A confirmation could be obtained by inserting mail headers requesting the delivery system or mail client to send a confirmation of delivery or reading. Another method of confirming valid email addresses is sending HTML in the email's body, and embedding an image. Mail clients like Outlook and Eudora decode the HTML by trying to fetch the image. Some spammers put the recipient's email address in the image's URL, and check the web server's log for the email addresses of recipients who viewed the spam. So it's good advice to set the mail client to *not* preview rich media emails, which would protect the recipient from both accidentally confirming their email addresses to spammers and viruses. Guessing could be done based on the fact that email addresses are based on people's names.

9. Web Browsers

Some sites use various tricks to extract a surfer's email address from the web browser, sometimes without the surfer noticing it. Those techniques include :

(a) Making the browser fetch one of the page's images through an anonymous FTP connection to the site. Some browsers would give the email address the user has configured into the browser as the password for the anonymous FTP account. A surfer not aware of this technique will not notice that the email address has leaked.

(b) Using JavaScript to make the browser send an email to a chosen email address with the email address configured into the browser. Some browsers would allow email to be sent when the mouse passes over some part of a page. Unless the browser is properly configured, no warning will be issued.

(c) Using the HTTP_FROM header that browsers send to the server. Some browsers pass a header with your email address to every web server you visit. When somebody reads email in a browser they should be aware of active contents like Java applets, Javascript, VB, etc and web bugs. An email containing HTML may include a script that when opened automatically sends email to any email address. Melissa virus is a good example of this. Scripts like this could send the spammer all the addresses on the reader's address book.

10. AOL Profiles

AOL being the choice service provider of new users, who might not know how to recognize scams or know how to handle spam. Spammers use these profiles to harvest email addresses.

11. Internet Relay Chat and Other Chat Rooms

Some IRC clients will give a user's email address to anyone who requests it. Many spammers harvest these live email addresses from IRC, and send spam to those ids.

12. Social Engineering

Spammers sometimes use a hoax to lure people into giving them valid email addresses.

Richard's "Free CD's" chain letter will be a good example of this method. The letter promises a free CD for every person to whom the letter is forwarded to as long as it is sent to Richard too.

[Hi. My name is Richard. I am the president of the Cyber Promotions for Columbia House. We are in a fierce competition with companies such as and Music Blvd, among many others. Because of this, I have been authorized to offer 10+ free CD's of your choice to any person who participates in our promotion. All you have to do is send this message on to your friends! Yes, it is that simple. Now you are wondering how many CDs you get, and how to get them. It all depends on how many people you send this message to. You are required to send this email to the following address to receive your first 10 CDs : In addition, you get another CD for every person you forward this to. For example, if you send this to Cyber Promotions, along with 10 of your friends, you would receive a total of 20 CDs.]

All the author of the hoax wanted was to get people to mail valid email addresses to him so that he can build a list of addresses to spam or sell later.

14. Domain Contact Points

All domains have one to three contact points: administration, technical, and billing. The contact point includes the email address of the contact person. Since the contact points are freely available spammers harvest the email addresses from the contact points for lists of domains. This is a tempting method for spammers, as those email addresses are most usually valid and mail sent to it is read regularly.

15. White Pages And Yellow Pages

There are various sites that function as white pages, sometimes called people search sites. Yellow pages have an email directory on the web.Those white and yellow pages contain addresses from various sources. For example, HotMail will add email addresses to BigFoot by default, making new addresses available to the public.

16. Finger Daemons

Finger Deamon is a service that normally runs on port 79 and was originally intended as a digital businesscard for people.Some finger daemons are set to be very friendly. A finger query asking for joe@host will bring out a list info including login names for all people named Joe on that host. A query for @host will produce a list of all currently logged-on users. Spammers use this information to get extensive users list from hosts.

I am sure there will be many more ways by which spammers try to harvest your email addresses. If the readers could contribute to this list it will be very useful for all.

Now lets have a look at what we can possibly do prevent it or things we can do if spammed.

As invisible email addresses can't be harvested, it will be a good idea to have the email addresesses of recipients of forwarded emails on BCC:. If forwarded from somebody else, remove all the email addresses inserted by the previous sender from the email's body.

If your email is harvested by somebody and you get spammed, the following links will help you to track the spammer down.

Fight The spam On The Internet

Junk Busters



I hope this compilation of links and resources are useful to all.


This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)