Spam and unsolicited messages are a regular part of life for email users, but it can be a lot to manage in an election year and around the holiday season.
When you provide your email address to a website, app or online service, it automatically becomes a commodity. Email addresses, and the data associated with them, are constantly compiled, bought and sold for retail, fundraising, and outreach from political organizations.
The practice isn’t necessarily sinister; a donation to a non-profit organization may put you on the radar of another one with a similar mission. What’s problematic is that it’s usually done without your permission or awareness (Jeff Williams, a guest on our podcast refers to this as “data self-sovereignty”).
Here are a few tips to track who’s sharing your email address online.
Dot Addressing:
Youremail@gmail.com and your.email@gmail.com may look like two separate addresses, but as far as Gmail is concerned, they’re one and the same. The practice, called “Dots Don’t Matter,” was created to prevent identity hijacking. It also helps you track who’s sharing your email address: If you provide an e-commerce site with y.o.u.remail@gmail.com and your inbox starts flooding with other offers to that same variation, you’ll know who shared it in the first place.
Pros: Dot addressing is easy and requires very little technical knowledge or setup on your part. If one version of your email address is overwhelming your email account, you can create a filter to mark it as spam.
Cons: “Dots don’t matter” isn’t universal. It works for Gmail, but not Microsoft Outlook, Yahoo Mail or Apple accounts. Depending on the number of accounts you have, it may be hard to keep track of what variation you provided and to whom.
Plus Addressing:
Plus addressing is similar to “Dots Don’t Matter” and has been widely used by tech companies as a means of filtering incoming emails without needing to create multiple accounts. By adding a suffix to a email address’s username starting with a plus sign, e.g. “youremail+example@gmail.com” you can identify your email-snatcher. Most email servers will ignore anything after the plus, but email clients and apps won’t.
In short, if your email address on file with Examplestore.com is “youremail+examplestore@gmail.com,” and you start receiving emails from anyone but Examplestore.com, your email address has been shared (or Examplestore.com has been breached).
Pros: Plus addressing is supported by most email providers, including Gmail and Microsoft Outlook, although it needs to be enabled to work with the latter. It’s also easier to keep track of variations; you can make a plus address for every account, or just for categories, like shopping, donations, school, etc. It’s also possible to create labels or email rules for your inbox to automatically mark anything addressed to one plus address as spam.
Cons: It’s easy for organizations to strip their mailing lists of plus addresses, and it doesn’t work with every service. Even by adding plus addresses, you’re still providing an address that can be shared.
Email Relaying/Aliasing Services:
If all of this sounds like a hassle, there are online services that can will keep track of your incoming emails for you. Mozilla, the organization that makes the Firefox browser has one such service called “Firefox Relay” that generates a new email address for every account at the @mozmail.com domain name and redirects them to your inbox. Competitors such as AnonAddy or ImprovMX offer similar services and features.
Pros: Email relaying services can be a great way to let you know who’s sharing your information with the added bonus of not providing your real email address. Many services will also share information and reports as to which aliases are generating the most spam or unsolicited emails.
Cons: Dot and plus addressing don’t rely on any other services than an email provider. A service outage, glitchy plugin, data breach or a company going out of business could mean loss of access to multiple accounts. Much like VPN services, routing all of your email through another service requires entrusting them with an enormous amount of personal data.