Avoid spam at conventions: keep your 'real' email address private

By Chris Chamberlin, May 5 2015
Avoid spam at conventions: keep your 'real' email address private

When handing out your contact details at conventions, tradeshows and exhibitions, there’s a good chance that after your enquiry or meeting is followed-up, you’ll start to receive unwanted newsletters, announcements, and other self-promoting paraphernalia straight to your inbox.

Worse still, the chance of your email address falling into the hands of mass spammers who flog everything from diet pills and Louis Vuitton knock-offs through to crowning you as Nigeria’s next zillionaire and heir to the throne.

To help combat this and the much larger deluge of spam traversing the Internet, savvy users of Microsoft’s Outlook.com, Google’s Gmail and Yahoo Mail have a few sneaky features available to them to stop spam in its tracks, and to catch the person or company who most likely ‘shared’ your email address.

Our top pick: Yahoo disposable email addresses

Formerly known as AddressGuard, Yahoo lets all webmail users create ‘disposable’ email addresses within their main email account.

It works like this: you first choose a ‘base name’ that becomes the prefix of every disposable email address you create: found here on the Security tab on Yahoo’s Settings page:

Even if your normal Yahoo address is [email protected], your base name could well be ‘dave987’ – the two don’t have to match: in fact, they shouldn’t.

Once you’ve got that sorted, you’ll next create a keyword: here, we’ve gone with a base name of ‘ausbttesting’ and a keyword of ‘ausbt’:

Hit ‘save’ and the two combine to create a disposable address: [email protected]:

Repeat as necessary until you’ve got enough unique keywords to tide you over.

Creating keywords on the run can be a little tricky, so before attending a tradeshow, set up a number of sequential keywords – mel1, mel2, mel3 and so on – and give each one to only one person or company.

Then, if spam or random newsletters begin to arrive in your inbox, just check which email address the unwanted mail was addressed to. Here, we can see that a message was sent to the ‘mel1’ keyword by clicking on the ‘me’ button in the message…

… and if that won’t appear, click ‘More’, then ‘View full header’, and you’ll find your answer at the top next to ‘X-Apparently-To’:

Chances are you won’t be doing business with a company that gives your email address to spammers or chooses to spam you itself, so jump back to the keyword list and simply hit ‘delete’.

Any future emails sent to that disposable address will bounce right back, keeping rubbish out of your inbox – and should you need to reply, your keyword address can be used from the ‘compose’ tab just like a fully-fledged Yahoo account:

Google Apps' and Gmail’s keyword feature

Google’s approach with Gmail is much more simplistic: take the first part of your email address, whack in a ‘+’, and then whatever keyword you like: here, our previous example would look like [email protected]

If your employer uses Google Apps as its behind-the-scenes email provider, there's a good chance this works with your business email address too.

The main advantage with Google is that it works on the fly: you don’t need to pre-create addresses or remember which address you gave to which company – just take your everyday address, append your keyword and you’re all set.

Let’s say you’ve discovered an unwanted newsletter doing the rounds or your spam folder is starting to look a little chunky – when opening a message, click the downward arrow next to ‘me’ and you can see which address the email was sent to:

Let’s also pretend that address really has fallen into the hands of spammers – while you can’t simply delete the keyword, you can create a filter that directs those emails straight to your trash or spam folders.

Just go Settings -> Filters -> Create a new filter, and enter your full keyword-attached email address in the ‘to’ box, before making the garbage bin its new home:

It’s a great idea and can help to reduce ‘inbox clutter’, but as your real email address is shared and forms the prefix, many spammers know to simply remove the suffix – for example, ‘+hello’ – and they’ve got their hands on your real email address.

Your real address is also exposed the moment you reply to a message, as you can’t sent from a Gmail pseudonym.

Microsoft Outlook email aliases

Let’s face it: give a keyword-attached email address to anybody who knows this trick and you’re saying one thing: “I don’t trust you at all, even with an email address”.

So while keywords are fine for things such as newsletter signups, Microsoft’s Outlook.com webmail service (formerly Windows Live Mail and Hotmail) lets you create a proper email alias within the one Outlook.com account, via the Setting menu:

That means you’ll have a ‘normal-looking’ email address to distribute, won’t have to create a completely separate account and can have everything delivered straight to the one inbox:

You can also reply directly from your alternate address and can compose new messages from that alias with ease – even with different display names if you desire:

Microsoft also supports + keywords on both primary addresses and aliases, so that ‘fake’ [email protected] could even be given out as [email protected] and you’d still receive your messages.

Like Gmail, you can’t send mail from a keyword address, but can still reply from the alias rather than your main account.

We should also point out that whichever email provider you’re using, merely receiving an undesired email via an address given exclusively to one person or company may not be a breach on their part.

It’s a good possibility, but your temporary email address could also have been intercepted over an unencrypted connection or even simply guessed by spammers.

But if the same happens time and time again with one particular merchant and several different email addresses, that’s a red flag in our book – and one you'll have discovered by employing this nifty trick.

Are you careful when giving out your email address, or do you just rely on anti-spam filtering to keep the junk out?

Follow Australian Business Traveller on Twitter: we're @AusBT

Chris Chamberlin

Chris Chamberlin is the Associate Editor of Executive Traveller and lives by the motto that a journey of a thousand miles begins with a single step, a great latte, a theatre ticket and a glass of wine!

British AIrways

08 Feb 2011

Total posts 22

I use the "+" notation for pretty much all non-personal e-mail if possible but unfortunately way too many systems have been implemented by clueless people who don't know that "+" is a valid character in an e-mail address.  Airlines tend to be in the worst category.

Some systems break completely as they accept "+" but it doesn't work in their background systems and databases.  It took two months to get one system fixed because the customer support was totally clueless about the issue.  They didn't fix the problem, they just changed my account.  And that didn't happen until I contacted my dealer and told that I need to return the device if they will not fix it.

 

Qantas - Qantas Frequent Flyer

16 May 2013

Total posts 25

I've got 3 e-mail addresses, so problem solved!!!!!

03 Oct 2011

Total posts 29

Useful tips.  For personal email, I control my own domain, so I use unique email addresses for every organization, company, doctor, etc. to which I give my email address.  Besides the ability to deactive when one is compromised by spam, it makes it trivial to detect phishing.  If an email says it's from my bank or an airline, but was sent to an address for a web site I once bought something from, that's blatantly obvious phishing.

I use "+" addressing at work (we have special hooks to permit it despite using Microsoft Exchange servers, which don't recognize it).  Like @petriojala, I get frustrated by sites that implement broken checks for the validity of email addresses.  Doesn't anyone bother to read the RFCs?

03 Oct 2011

Total posts 29

By the way, the ability to edit the 'From' address while composing a message is one reason I still use Eudora.  But, I'm considering switching to Mailmate, which also has this ability.

23 Aug 2012

Total posts 33

The Google approach has a little disadvantage: Spammers would soon learn to remove all symbols after "+". Yahoo is quite a bit complex to configure. A better, quicker and easier solution is provided by the free https://www.spamgourmet.com service.


Hi Guest, join in the discussion on Avoid spam at conventions: keep your 'real' email address private