Unwanted, unsolicited emails, commonly sent in bulk (also known as email spam), are a serious problem for Internet email users. Spammers use bots to search the Internet for email addresses and sell their collected lists to other spammers, who then use them to send out junk emails to unsuspecting users, often infected with malware or containing links to corrupted webpages. Most spam messages contain messages for dubious products or services, including illegal/phony pharmaceuticals, casinos/gambling, and loan/financial scams. A recent study estimated that in 2012, up to 94% of all email sent across the Internet is spam – as many as 94 billion messages each day.
Spam traffic is expensive to businesses. Spam recipients are exposed not only to scams, but to phishing hazards and malware of all types, including viruses, Trojan horses, and web browser exploits. Internet service providers and companies operating their own email services bear the costs of scanning and filtering out all of this junk mail. Then there are the staggering costs suffered by unsuspecting customers ripped off by scammers or by IT departments in cleaning up spam-borne malware infections. Estimates put the annual figure for the costs of spam as high as $255 million in 2012, and that figure does not include the cost of lost productivity.
Spammers collect email addresses from a variety of sources. Even when some people take measures to hide email address details, spammers search websites for links containing the href attribute prefix mailto: (used to start the default email client) and for strings of text adjoining the @ symbol (as used within an email address). In addition, they search blog comments, online user account profiles, Usenet and web forum posts, and more to find email addresses. Some common email domains, such as Gmail.com, Yahoo.com, Hotmail.com, and Aol.com, are subject to dictionary attacks, where spammers create all possible forms of letter and number combinations as guesses for likely email addresses. Many people carry out a basic search for information such as “how to protect email address on website” but then make the mistake of linking their obfuscated email address.
To minimize your exposure to junk email and hide your email address or prevent your private email address from being picked up by email harvester spam bots
follow these recommendations:
Create multiple email addresses, one for public Internet use to communicate with businesses and another for private use with known, trusted contacts.
Better yet, consider using a disposable email address (DEA) service for non-personal emails, which allows you to create a custom email address for each business use contact. That way, if one company sells its customer email address list or its customer database is hacked, you can shut down that one email address without affecting any of your other email address contacts and protect email address inboxes of other accounts.
Don’t register a private email address with contests, surveys or any organization you don’t know well and thoroughly trust. They may not properly protect email address information collected from users.
Review the privacy policies of all online services you use, including how they protect email address data, and in each case, pursue the opt-out option for sharing your email address with third-party business partners unrelated to the business with whom you work.
Learn how to opt-out of email marketing lists from the U.S. Federal Trade Commission to further hide email address information online including email address obfuscator techniques.
Don’t reply to or click any links found in spam email messages.
Don’t post your private email address in blog comments and forum posts. If you must use an email address to leave a comment, use one that can be sacrificed to spam.
Try a search for “protect email address on website” to learn about some common recommendations that people use including email obfuscator techniques.
Set up a web contact form for receiving comments and feedback on your website, with a built-in email obfuscator to hide email address details.
Encourage site visitors to also do a search for further information to “protect email address on website” so that their contact lists (which may include your address too!) will also be safe.
Obfuscate your email address by spelling it out, such as “name at company name dot com”. This technique is known as email address munging. Also, be sure this is not linked using a mailto: anchor tag.
Implement a CAPTCHA plugin to your website that requires a user to type in a visually obscured code before the email address is revealed.
Install an email obfuscation plugin to protect the email addresses of visitors to your website.
Present a non-linked image containing the text of the email address to hide your email address from spambots or use an email obfuscator.
Use a JavaScript email address obfuscator to break up an email address into pieces to conceal it as an email address within the page source code
Unfortunately, hiding your email address can frustrate business contacts who appreciate the ease of use of clicking a simple MAILTO link to send a message.
Cool Hide Your Email Tool
To effectively hide your email address from spam email harvesters but still present an email address on a webpage, use the Cool Hide Your Email Tool. The email obfuscation tool offers two methods for hiding an email address:
Create an image containing the email address text customized with font formatting options. Use this method when you only want to show an email address without making it clickable so that it will still hide your email address from spammers. Do not enclose the image in an anchor tag. Doing so puts the actual email address in the source code, making it vulnerable to capture by harvester bots.
Use the <script type="text/javascript"> </script> tag to insert JavaScript inline in place of an anchor tag. Using the provided sample script, simply update the two variable values with the email addressee user name and the domain name of the correct network address. The result of the script will be an inline link that appears in the browser window as a normal anchor tag using the mailto: href attribute. However, in the source code of the page, any spam email harvester will be unlikely to parse the code script and harvest an email address.