Email hijacking

Are you letting your customers know what work you do best and how you can make their business more successful? Effective marketing establishes and promotes your brand. Your web site and marketing materials should, powerfully, demonstrate why they should do business with you.

Stop your e-mail address being stolen and used for spamming you

If you own a Web site there is a good chance that you want to have a means
by which potential customers can contact you. One of the best ways of
doing this is by adding your e-mail address to the site. The only problem
is, as soon as your e-mail address is displayed on your site you will
start receiving SPAM e-mail.

How do spammers get my e-mail address?

The obvious way that unwanted e-mailers can get your e-mail is by visiting
your site and jotting it down on a piece of paper. You can’t really stop
this – and if you do, the people you really want to send your e-mails
won’t be able to either!

Most spammers need a way of capturing many thousands or millions of e-mail
addresses. They have several ways of doing this.

One such way is to take popular domains names (e.g. and then
add every letter permutation in front of the domain (;;;; etc.). This can be easily achieved using
a computer program. Once the spam list is created the spammer will send
e-mails to the list to see which ones are returned as ‘invalid recipients’. The
ones that are not are most probably valid recipients.

One way that you can reduce the affect of this sort of e-mail activity
is to remove the ‘catch-all’ e-mail address. This will mean that, unless
an e-mail is sent to a real address, your server will send an invalid
e-mail type response.

Another way in which illegal e-mailer gather information is by using a
Web ‘crawler’ to search the Web for e-mail addresses. It works similarly
to the sort of crawler that search engines use, going from one Internet
page to another. However the major difference is that instead of searching
and indexing words and phrases on the page – it single mindedly looks
for e-mail addresses. It does this by looking for HTML on your page with
the following format:

<a href=””>Your name</a>

One approach to making life slightly more difficult for the spammer is
to obfuscate the e-mail address using a simple Javascript script. The
following splits up the component parts of the e-mail address and then
adds them back together for the human visitor to the site. On the other
hand all the ‘spam crawler’ sees is the Javascript. The following is the
equivalent to the address above.

<script type=”text/javascript”>
var usrname = “yourname”;
var hstname = “”;
var linktxt = “Your name”;
document.write(“<a href=” + “mail” + “to:”
+ usrname + “@” + hstname + “?subject=Message%20From%20Billy%20Fire”
+ “>” + linktxt + “</a>”)

Which will look like the following on your site:

Other approaches to stopping spam
The approach detailed above will probably help but not entirely stop spammers
getting hold of your e-mail address and using it. Of course, you need
to be careful as to who you give your address but another way of reducing
the problem is to install Mozilla Thunderbird. This e-mail program as
a ‘junk’ mail feature. You can ‘train it’ to recognize spam and to place
it is a special folder or delete it automatically. It is not a foolproof
solution (sometimes it thinks an e-mail is spam or junk mail when it is
not), but, in my experience, it is very good – and it is free.

You can download Thunderbird here.