How Do People Get Someone’s E-mail Address?

A reader sends in a question

Q: My question to you; for as dumb as this may sound is, how do people get someone’s email address?

A: Dear Reader, your question is not at all “dumb”. Not only that, to answer it fully would take all day!
I mean, are you asking because you want to find someone’s e-mail? Or, trying to keep yours private?

I will try to answer and also be brief.. wish me luck.
* There are directories.. much like a telephone book.
* They simply guess it; sending out all the different combinations in a ‘mass mailing’.
* They simply Google the person’s name. Quite a bit of info about us is available.
* Your e-mail viewer told them, see https://techpaul.wordpress.com/2009/06/05/how-did-they-get-my-e-mail/
* Unscrupulous businesses and orgs (and websites) sell their customer lists. Spammers sell theirs to other spammers.
* Someone you know (and have given your e-mail to) has given your name out/been infected with malware/signed up for a social networking site/forwarded a rigged e-mail to all their friends and family as a “warning”… perhaps an “alert” about a super-virus.
* You opened a spam.
* A database containing your info has been hacked. You remember TJ Max?
* Your doctor left his laptop – which contains all his patient records – somewhere… maybe on the bus. Your accountant’s laptop was stolen.
* Perhaps another 50 – 100 ways… more?

The facts of the matter are:
1) The Internet was not designed with privacy and/or security in mind, but for making information available.
2) Absolute Anonymity Isn’t Practical In Real Life Or On The Web (Immutable Security Law #9¹)
Let me quote Jesper M. Johansson from a recent TechNet article: “When I think about this Law, I find it difficult not to crack some joke about how our governments and large corporations make sure we have very little anonymity. The United States government and TJX Companies together have made sure that personal information on about half the US population has entered into the portfolio of the criminal underground.”

[addenda: for managing the stuff that gets into your Inbox: For webmail, see Managing your email: eliminating the junk, and in a mail client see, Managing junk mail in Outlook/Thunderbird .
If you are interested in encrypting your e-mails, see Simple E-mail Encryption]

¹ 10 Immutable Laws of Security
Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it’s not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy
Law #7: Encrypted data is only as secure as the decryption key
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
Law #9: Absolute anonymity isn’t practical, in real life or on the Web
Law #10: Technology is not a panacea

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

August 18, 2009 Posted by techpaul | e-mail, Internet, security | anonymity, e-mail, email, online, privacy, techpaul | Leave a comment