Email Address Harvesting

Introduction

E-mail harvesting is the process of obtaining lists of e-mail addresses from the internet. This is usually done for use in bulk e-mail and for various other purposes that can generally be described as 'spam' (i.e. the mass sending of unsolicited e-mails).

E-mail lists can be generated by various methods. These include the purchase of e-mail lists from other spammers and the use of special web spiders known as 'harvesting bots' or 'harvesters' that crawl Web pages, Usenet postings, mailing list archives or blogs in search of e-mail addresses. Another method used to harvest bulk e-mail addresses is the 'dictionary attack'. For this method the spammer takes the common email domains 'yahoo.com', 'hotmail.com', 'btinternet.com' etc. A dictionary of names is then used to prepend names to these domains. For example, take the domain example.com. A spammer might prepend names to it to give thomas@example.com, sarah@example.com, mark@example.com, miriam@example.com, ronald@example.com etc. Messages are sent to these addresses, and any address whose message is delivered rather than being bounced back 'undeliverable' can then be added to the spammer's sending list.

Another e-mail harvesting scam is to use a popup or web page that promises a free product or service if the user provides a valid e-mail address to sign in with. The addresses can then be collected as potential spam targets.

Protect your e-mail addresses

You are particularly at risk if you run your own website, especially as many of the indexing engines (such as Google) require you to supply contact details to show you have a bona fide site. Many user groups and forums also require you to display your e-mail address.

As a result you are in great danger of having your email address harvested if you do not obfuscate your e-mail address. As you are on this site to learn about how to protect yourself from scams I've written the application below which takes your email address and converts it into a simple JavaScript that obfuscates your email address and allows you to use a 'contact me' link on your site that cannot be harvested by the 'harvesting bots'.

Feel free to use the form below to obfuscate your emails and links. Also note that this form only performs obfuscations. I do not store or keep any email addresses that you may enter.

Most harvesting spiders know that they have encountered an e-mail address by looking for mailto: links or @ signs within your web pages. But as these and your email address are encoded as UTF-8 in the code above there is nothing to show the harvesting bots that this is an email address or a mailto: link.
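The sketch below is an added example, not the generator used on this site. It writes the link target as JavaScript character escapes and the link text as HTML character references, then checks the result for the two markers described above. The function names and the element id contact-link are assumptions made for illustration.

```javascript
// Added example, not the site's own code. Function names and the default
// element id "contact-link" are hypothetical.

// Encode each UTF-16 code unit as a \uXXXX escape for a JavaScript string literal.
function toJsEscapes(text) {
  return text.split('')
    .map(ch => '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'))
    .join('');
}

// Encode each character as a decimal HTML character reference ("@" -> "&#64;").
function toEntities(text) {
  return Array.from(text, ch => '&#' + ch.codePointAt(0) + ';').join('');
}

// The two markers the page says harvesting bots look for in page source.
function looksHarvestable(source) {
  return /mailto:/i.test(source) || source.includes('@');
}

// Build a 'contact me' link whose href is only assembled in the browser.
function obfuscateMailto(address, label = 'Contact me', id = 'contact-link') {
  // Loose sanity check: one "@", non-empty sides, a dot in the domain, no spaces.
  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(address)) {
    throw new Error('not a plausible e-mail address');
  }
  // The id is written into markup unencoded, so restrict it to safe characters.
  if (!/^[A-Za-z][\w-]*$/.test(id)) {
    throw new Error('id must be a simple HTML identifier');
  }
  const html =
    `<a id="${id}" href="#">${toEntities(label)}</a>\n` +
    '<script>\n' +
    `document.getElementById("${id}").href = "${toJsEscapes('mailto:' + address)}";\n` +
    '</script>';
  // Refuse to return markup that still carries a literal marker.
  if (looksHarvestable(html)) {
    throw new Error('output still contains a literal "@" or "mailto:"');
  }
  return html;
}

// Constructed sample address, reusing the placeholder from the list further down.
console.log(obfuscateMailto('example@domain.com'));
```

Running looksHarvestable over the source of your finished pages is a quick way to confirm that no plain address or mailto: link has slipped in elsewhere.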

The latest twist on this scam is the website that offers to provide you with information on only legitimate work at home jobs with no scams. All for a small fee, of course. This is just another twist on the scams above — just ignore it!

Just remember that you should never publish a non-encoded or non-protected e-mail address anywhere on the internet. If you run your own site and can run Perl applications then you can use a form-mail application to allow users to contact you which completely hides your email address. An example of such a script is given here.

Low-tech Methods

If you're after a fairly low-tech way of obfuscating your email addresses then you could use the methods below:

  • example at domain dot com: which can be transliterated to example@domain.com. Using the word forms of at (@) and dot (.) effectively obfuscates the mail address.
  • e x a m p l e @ d o m a i n . c o m: here the spaces obfuscate the mail address but it can easily be read by a human.
  • example&#64;domain&#46;com: here the UTF-8 values for @ and . are used to obfuscate the web address.
  • moc.niamod@elpmaxe: a simple but effective technique which is simply to invert the entire email address.
  • elpmaxe@moc.niamod: a variant on the example above where the name and domains of the email are separately inverted.
  • example@domainNOSPAM.com.invalid: the .invalid is a special top-level domain which is added to ensure that a valid email address is not accidentally created. Simply remove the uppercase characters and the .invalid domain to give an active e-mail address.

Unfortunately none of the techniques above is 100% secure, as spammers can now clean up many such addresses and will send e-mail to the cleaned address.

You could also post your e-mail address as an image which can simply be scaled and placed within your web pages.

If you do not want to use JavaScript on your website then you can use my CSS/HTML email shuffling page to generate a CSS/HTML version of an obfuscated email.