How do spammers get your email? You give it to them. Not directly, no — you sign up for an app or service and happily hand over your email to verify your new account, then that app or service sells your email address to marketers who now know what kinds of apps and services you like.
It’s a shady tactic that’s symptomatic of the current era of big data, and it may even be illegal in some jurisdictions. But companies get away with it because they’re not the ones directly spamming you, so you don’t normally have a way of knowing which service is the one who sold your data.
Seeing Who Sells Your Data
The next time you sign up for an account with an app or website, you’ll want to modify the email address you use. Instead of [email protected], add a unique identifier and a + symbol before your regular email. So this standard email format:
… would become something like:
Ideally, use the app’s name so it’s easier to find the culprit. If you sign up for a TikTok account with [email protected] and then you start getting a lot of spam emails with that specific address as the recipient, you’ll know it was TikTok who sold your email address — sort of like a marked bill, if you will.
The reason this works is because Gmail ignores everything before a + sign in any email addresses, yet still delivers the emails. So check that Sender field on your next spam message.
You might run into an issue where the service you’re signing up for doesn’t allow you to input a + symbol in the email field. If that happens, you can use another Gmail trick: add a period somewhere in your user name. For example:
… could be entered as the following when signing up for one website:
… then as this when signing up for a different website:
Similarly to the + symbol, Gmail outright ignores any periods in user names and delivers the email as if they weren’t there. The trouble with this system is that you’ll have to remember which position the period was in when you signed up for each service, and there are a limited amount of combinations. However, note that you can use multiple periods.
What to Do When You Find Out Who Sold Your Data
Sadly, you’re not going to be able to put an end to shady data sales just by catching a company in the act — there simply isn’t an adequate system in place to punish policy violators, if there’s even a policy against this in your jurisdiction in the first place. But you can, at least, do your part.
You can report privacy violations to the FTC if you live in the US. If you’re in the European Union, you can make a complaint with the Information Commissioner’s Office. Don’t expect immediate action, but enough complaints could get the ball rolling.
Keep Your Connection Secure Without a Monthly Bill. Get a lifetime subscription to VPN Unlimited for all your devices with a one-time purchase from the new Gadget Hacks Shop, and watch Hulu or Netflix without regional restrictions, increase security when browsing on public networks, and more.
Buy Now (80% off) >
Other worthwhile deals to check out: