Suddenly I started receiving a bunch of scam mails (phishing). I suspect some bot or bot-net is involved, because I’ve received maybe a couple hundred e-mails at the time of writing, all from different (likely auto-generated) senders. With anything from 2-10 emails per day.

The scam is essentially just some phishing, all related to the same topic. I’ve mostly been able to mitigate it by filtering out mails containing certain keywords or phrases that show up in the scam mails. However, the mails change relatively often (about once a day) so every now and then something gets through, and I’ll update my filter.

My question is really if there’s any way I can figure out

  1. Where this is coming from,
  2. How they got hold of my email

So that I can try to go after the root cause / prevent other scammers from getting hold of it.

  • @MilitantAtheist
    link
    83 months ago

    This is what I did years ago. It works great for me.

    Got my own domain.

    When I’m forced to register somewhere I use <their site+how much I hate them><year>@mydomain.com

    So, when EA forced me to register an account on origin, it was [email protected].

    If I see an email address start to get phishing and spam, I disable it.

      • thermal_shock
        link
        English
        53 months ago

        lots of places catching on, won’t let you use + sign when you sign up

      • @[email protected]
        link
        fedilink
        53 months ago

        Gmail labels are great but they’re not universal, and are easy to strip out.

        A lot of sites:

        • Don’t allow +'s in email addresses
        • May let your register but then not login
        • Are aware of labels and simply strip them out

        I have an email address I have only ever used with labels but still get spam to the non-labeled address. Spammers and email harvesters are very much aware of this trick, so it only works on legitimate sites.