Have you ever wondered where spammers found your email address? We've listed the Top 10 most common activities that can lead to your name and email address being harvested, or added to the spammer's mailing list.

Each of these activities is ranked with a 1 to 5 risk level. Where a rank of 1 is relatively safe and a rank of 5 will almost certainly lead to your inbox being flooded with spam.

By following some simple rules and avoiding these risky activities you will be able to lessen the likelihood that your email address will be added to yet another spammer's mailing list.

Posting to Usenet Groups - Risk Level 5
Spammers use automated tools called spambots to scan virtually every post made to every Usenet Group known to mankind. Some tools only look at the headers of the message to capture From: and Reply-To: addresses, while others will scan the entire message for anything that looks like an address.

Expect to receive spam in a matter of days if you post to Usenet Groups.

Solutions:

1. Don't post to Usenet Groups
The most obvious solution is to not post at all. Intead, try to find a mailing list or private bulletin board that covers the same topic and ask your question there.
OR Sign up for SonServer Email Defense

2. Encrypt your email address code
Many regular posters to Usenet Groups and related forums have started to modify, munge or encrypt their email addresses to throw off spammers. For example they may convert "joesmith@domain.com" into "joe_nospam_smith@domain.com". The assumption is that humans are smart enough to remove the "_nospam_" but automated address scanners aren't.

Unfortunately recent evidence suggests that spammers are starting to detect and clean some of the more common munging techniques.

If you absolutely must include a link to your email address in your web site, then you should have the link encrypted using either decimal, hexadecimal or a combination encrypting technique which converts the HTML code for your email address from this: joesmith@domain.com to something that looks like this: mailt&#111
SonServer.com offers this service as standard web site maintenance. Contact us about Email Link Encryption for further details.

3. Use a temporary or "disposable" email address
If you have multiple email accounts, or you have access to a domain Virtual Post Office (VPO), you may want to set aside an email address to use for high-risk behavior like posting to Usenet Groups. You will still receive spam, but it will be easier to manage if you receive it all in one place.
OR Sign up for SonServer Email Defense

Signing up for Online Contests or Give-Aways - Risk Level 5
Seriously now, why do you think a company would give away a free car, cash prizes, free software, etc? To get your email address of course.

Lotteries, casinos, sweepstakes, and any other "something for nothing" offers are all prime email address harvesting tools.

Solutions:

1. Don't sign up
Simply avoid anything that looks too good to be true. There's no free lunch and that goes double online.
OR Sign up for SonServer Email Defense

Participating in Chat Rooms, IRC and Instant Messaging - Risk Level 4
Many IRC and instant messaging clients will provide your email address to anyone who asks. Similarly many chat rooms, including AOL's, will make lists of usernames available.

These email addresses are quite popular with spammers because they're "fresh" and still have a high likelihood of being valid.

Solutions:

1. Check your settings or preferences
Many chat programs and services offer settings or preferences that limit the amount of information that you make available to the group. Look for settings that hide screen names and email addresses.
OR Sign up for SonServer Email Defense

Registering a Domain Name - Risk Level 4
If you have ever registered a domain name then your email address is available to anyone who wants it.

Each domain is required to have an administrative, technical, and billing contact. These contact addresses are published via the "whois" system to allow network administrators to track down the owners of a domain.

Unfortunately this also allows anyone who knows your domain name to look up your email address.

Solutions:

1. Use a dedicated address
Every time you register a domain use the same address. "postmaster" is a common choice. This will at least keep spam out of your personal account.

Make sure that the address you use is active. If you can't send and receive mail at that address you may have problems managing your domain.
OR Sign up for SonServer Email Defense

Replying to Spam or Chain Letters - Risk Level 4
Spammers will often use trickery to get you to send them your address.

A good example is the "Free CDs" chain letter that circulated a year or so ago. The sender claimed that Amazon.com and Music Blvd would send free CDs to everyone who forwarded the chain letter. The stipulation was that you had to CC the original sender.

Of course the sender was just a spammer collecting email addresses.

Solutions:

1. Never reply to spam
You should almost never reply to a spam message. Not even to ask to be removed from their list. Any reply will confirm your address as being legitimate and therefore a live target for additional spam.
OR Sign up for SonServer Email Defense

2. Don't forward chain letters
Chain letters range from harmless but annoying junk mail to dangerous scams. Don't inflict this undeserved punishment on your friends.
OR Sign up for SonServer Email Defense

Choosing a Common Email Address - Risk Level 4
Spammers will often use a technique called "guess and clean" to build up large lists of addresses. First they will generate a large list of common usernames like "bob," "admin," or "sales". They will then send spam to all of these usernames at any particular domain name. Any recipients that aren't bounced by the mail server as being invalid are kept on the list for future spam campaigns.

Solutions:

1. Don't choose a common email address
Any email address that includes a common first or last name is likely to be guessed. You'll have to weigh the benefits of an easy to remember address vs. one that's hard to guess.
OR Sign up for SonServer Email Defense

Publishing a Web Site - Risk Level 3
Specialized web robots, aka spambots, are constantly searching for new web pages that contain email addresses. If your email address is listed on a web page it will eventually be discovered by spambots.

Some of these robots look for any available address while others search for particular types of pages, like "contact us" or "resume" pages. This is why you may get personalized spam with customized subjects like "I saw your resume online" which include a link to your home page.

Solutions:

1. Limit how many pages contain your email address
Think twice before using your private email address on a web page. Does it really need to be there? Using role-based addresses like "webmaster@yourdomain.com" may be a better bet.
OR Sign up for SonServer Email Defense

2. Have SonServer.com scan your site and encrypt your email links
Using either decimal, hexadecimal or a combination encrypting technique we can convert the HTML code for your email address links into code that the spambots will not recognize.

3. Install poison scripts
Poison scripts generate innumerable web pages filled with fake email addresses. It's a waste of spammer's resources to send spam to thousands upon thousands of fake email addresses. The scripts may or may not help your spam problem, but they will make scanning web pages less attractive to spammers.

There are a number of poison scripts available, but WPoison seems to be one of the most popular FREE tools of it's kind..

Getting Listed in an Online Directory - Risk Level 2
Many companies publish their employee's email addresses and other contact information in an online directory. There are also large public directories like bigfoot.com that try to list the general public.

While most of these directories attempt to keep spammers out they are still an attractive target.

Solutions:

1. Don't get listed
Don't join any directories and ask your employer to keep your email address private.
OR Sign up for SonServer Email Defense

Joining a Mailing List - Risk Level 1
There was a time when many mailing list programs would provide a list of subscribers to anyone who asked. In recent years most reputable mailing list administrators have tightened their security to restrict access to subscriber addresses.

As a result, subscribing to a mailing list is now a fairly low-risk activity.

However, you should always make sure you trust the owners of the list. Even if the software is configured correctly, the owners themselves could sell your address.

Surfing the Web - Risk Level 1
If your web browser isn't correctly configured it may be possible to end up on a spammer's list just by surfing the net.

Older versions of the most popular Internet browsers often times can be tricked into giving out your email address by web pages that serve an image via anonymous FTP. The browser would log into the FTP server using your email address as a password.

Other tricks included using JavaScript to silently send email from your browser to the spammer.

Solutions:

1. Upgrade your browser
The most current browsers have much better privacy and security than their predecessors.

2. See what your browser is saying about you
Your web browser may be sending out more than you think. You can run the free privacy scanner set up by Privacy.net to find out exactly how much information your browser is leaking.

Unfortunately, spammers are always seeking out new ways to get your email address, so it's just a matter of time until your email address ends up on a spammer's list even if you avoid high risk behavior. However, by being extremely careful and avoiding the higest risk behaviors outlined above you can limit your exposure, but most importantly, by subscribing to SonServer Email Defense you can protect yourself, your company and your family with multiple layers of the most up-to-date spam and virus filtering technology available.

The best action you can take if you are currently receiving unwanted spam is to block it. SonServer Email Defense will filter out your spam to make sure that even if spammers get your email address they won't get to your Inbox.