No one harvests email addresses any more

There are a lot of people who assert that “no one” actually scrapes websites for email addresses any longer. My experience indicates this isn’t exactly true.
We have a rotating set of email addresses on our contact page. Every day we push out a new email address. Every day we expire addresses that were pushed out 7 days ago.
I can say, with 100% certainty, that there are people harvesting addresses off websites. The ads are reasonably “targeted.” Most of them are offering increased traffic, or the ability to monetize the website. Some are offering work from home.
I suppose you could call these targeted mails. After all, what website owner doesn’t want more traffic? Who wouldn’t want to make hundreds of dollars a day from the comfort of their own couch? What website owner doesn’t want their site submitted to 2700 different search engines?
Targeted spam is still spam. And having a rotating, expiring contact address has kept the amount of spam coming into our contact address low enough that the contact address is actually useable. 10 spams a month (for a 7 day old email address) is much more manageable than 1000 emails a month (for a 4 year old email address).

Related Posts

Are you sure? Part 2

There was a bit of discussion about yesterday’s blog post over on my G+ circles. One person was telling me that “did you forget you opted-in?” was a perfectly valid question. He also commented he’s had the same address for 20 years and that he does, sometimes forget he opted in to mail years ago.
As an anti-spammer with the idea that it’s all about consent, I can see his point. Anti-spammers, for years, have chanted the mantra: “it’s about consent, not content.” Which is a short, pithy way to say they don’t care what you send people, as long as the recipients themselves have asked for it.
This is the perfect bumper sticker policy. As with most bumper sticker policies, though, it’s too short to deal with the messy realities.
I’m not knocking consent. Consent is great. Every bulk mailer should only be sending mail to people who have asked or agreed to receive that mail.
But if your focus is on delivery and getting mail to the recipient’s inbox and getting the recipient to react to that mail then you can’t just fall back on consent. You have to send them mail that they expect. You have to send them mail that they like. You have to send them mail they will open, read and interact with.
If your permission based recipients are saying they forgot that they signed up for mail, that is a sign that the sender’s program is futile. These are people who, at one point or another, actually asked to receive mail from a sender, and then the mail they receive is so unremarkable that they totally forget about the sender.
Maybe that’s another reason the question “are you sure you didn’t forget you opted in” from clients bothers me so much. If I signed up and forgot that points to problems in your program, mostly that it’s totally unremarkable and your subscribers can forget.

Read More

Marketing or spamming?

A friend of mine sent me a copy of an email she received, asking if I’d ever heard of this particular sender. It seems a B2B lead generation company was sending her an email telling her AOL was blocking their mail and they had stopped delivery. All she needed to do was click a link to reactivate her subscription.
The mail copy and the website spends an awful lot of time talking about how their mail is accidentally blocked by ISPs and businesses.

Read More

User education doesn't work

A growing OSX security problem illustrates why user education is not the solution to virus, spam or malware problems.
HT: @briankrebs

Read More