Email Harvesting

Why Trust Techopedia

What Does Email Harvesting Mean?

Email harvesting is the process of obtaining a large number of email addresses through various methods. The purpose of harvesting email addresses is for use in bulk emailing or for spamming.

Advertisements

The most common method of email harvesting is by using specialized harvesting software known as harvesting bots, or harvesters.

Techopedia Explains Email Harvesting

Spammers harvests email addresses through various techniques, including:

  • Posts into UseNet with email addresses
  • From mailing lists
  • From Web pages
  • From various paper and Web forms
  • Through the Ident daemon
  • From a Web browser
  • From Internet relay chat and chat rooms
  • From finger daemons
  • From domain contact points
  • Using the method of guessing and cleaning
  • From white and yellow pages
  • By accessing the same computer used by valid users
  • From the previous owner of an email address
  • Through social engineering
  • By buying lists from other spammers
  • By accessing the emails and address books in another user’s computer
  • By hacking websites

The above techniques enable spammers to harvest email addresses and use them with electronic messaging systems to send unsolicited bulk messages. The following techniques can be used to prevent email harvesting:

  • Email address munging by changing the “@” sign into “at” and the “.” into “dot”
  • Turning an email address into an image
  • Using an email contact form
  • Using JavaScript email obfuscation. In the source code seen by the harvesters, the email address appears to be scrambled, encoded or obfuscated.
  • Using email address obfuscation through HTML. For example, one can insert hidden elements within the address to make them appear out of order and use cascading style sheets to restore the correct order.
  • Prompting users to enter a correct CAPTCHA before divulging the email address
  • Using a CAN-SPAM notice enabling prosecution of spammers under the CAN-SPAM Act of 2003. The website administrator must post a notice that “the site or service will not give, sell, or otherwise transfer addresses maintained by such website or online service to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.”
  • Monitoring the mail server. This method can be implemented at the recipient email server. It rejects all email addresses as invalid from any sender specifying more than one invalid recipient address.
  • Using a spider trap. This is a part of a website built to combat email harvesting spiders.
Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.