I work in an internet cafe and I remember the specific moment that spam went from a mild inconvenience to something I hated with a passion. An elderly woman came in having been encouraged by her grandchildren to get email so they could all stay in touch. We signed her up for a hotmail account, set everything going and she sent a one line message (which took fifteen minutes to type) to her grandchildren. The next day she returned to the store to check her mail. She had six messages. One asking her to help get money out of Nigeria, two telling her to buy x-stock and the remainder telling her she wasn't satisfying her wife and how she could grow six inches. I never saw her again. I doubt she ever used email again. She is what I consider a casualty of spam. All she wanted to do was stay in touch with her loved ones, but the work of spammers made that impossible.
Now the question is - in 24 hours her email address appeared on a spammers list. She sent one message to a known, and presumably secure, address. How did the spammer get her details? For that matter how do they get lists of millions of emails, and more specifically, how did they get YOURS? Sadly, it is often all too easy for them.
The first and most common method is harvesting addresses with a spider. A spider is a program that trawls the internet looking for email addresses. If you ever posted your address at the bottom of a forum post, or if it's on a webpage somewhere, then a spider has access to it, and thus so does a spammer. A quick test. . . go to google and type in your email address - if any results come up then your address is in the public domain and spammers have open access to it. And they will find it sooner or later. The spiders get quite advanced. An early trick was not to post your address in one word or to replace @ with AT. Spiders wise up to these tricks and can harvest thousands of addresses per minute. It is literally possible for a spammer to build a list of over 1 million addresses in under a day, and as the spider is an automated process, they don't even need to be there to do it. Click start, go out and beat children or whatever spammers do in real life, come back the next day to send spam to their newly acquired list. Depressing really isn't it?
And sadly it doesn't stop with that. In the example above we know the lady never posted her address anywhere on the internet. She only sent one message. How did the spammers get her address? Once again an automated script did it. If you have ever tried signing up for an email address with a common name like james or sally, you will have got a message saying that username is taken and prompting you to try another or suggesting a few that are free. Some email providers even think they are providing a helpful service by offering a tool that allows you to check if your desired email address is avaliable. Spammers LOVE this. Their script sits there all day entering names into this tool and every time it is told that an email address is not avaliable it knows that someone out there is using it. It adds the ‘unavailable’ address to it's database at which point your address is on the list.
In other words even if you follow best online practices and guard your email address online to the best of your abilities, you can STILL get added to spammers lists and have to deal with spam.
With an estimated 70-90 billion spam messages sent every day, the problem is not going away. Don't wait for someone to solve the problem for you, visit The Stop Spam Now Site and review the very best methods of stopping spam.