If you’re one of the millions of people who have an email address, you may be wondering how it’s being used. Unfortunately, your email address is being sold on the dark web to spammers, who are using it to send unsolicited emails. To protect yourself from this type of attack, you need to know how to identify which online accounts are selling your email address. Here are four tips:

  1. Check your spam folder regularly: If you don’t receive any spam emails from a particular account, that account is probably not selling your email address. However, if you start receiving spam emails from that account but never sent anything to that person before, then it’s likely that the account is selling your email address.
  2. Use a spam filter: If you use a spam filter on your computer or phone, make sure it blocks all emails with your email address in them. This will help protect you from attacks that use your email address as part of their payload.
  3. Use a password manager: If you use a password manager on your computer or phone, make sure the password for the account that sells your email address is not easily accessible (e.g., stored in plain text). This will help protect you from attacks that try to guess the password for that account.
  4. Check for suspicious activity: If someone is trying to sell an online account with yours as part of its credentials (e.g., username and/or password), there may be signs of suspicious activity associated with that account (e.g., unusual traffic patterns). If there are any such signs, contact the owner of the account and ask them to change the credentials for that account so it doesn’t sell your email address anymore ..

I couldn’t agree more. So let’s start up a program to figure out who it is that is selling your email address to the spammers. We’ll start with a fresh new Gmail account, because they provide the feature that we are looking for, which is +plus addressing.

Essentially, plus addressing means if your email address is DONOTSPAMME@gmail.com, then you can also receive email on DONOTSPAMME+citibank@gmail.com.

So here’s the plan. For each and every one of your online accounts, you will change your email address to DONOTSPAMME+accountname@gmail.com, where DONOTSPAMME is your actual email name, and accountname is set to the account you are logging into.

For instance, I’ve got the following: (not actual addresses, just an illustration)

For this to work, you have to make sure that you don’t start flashing this account around. Don’t start posting on newsgroups or anything like that.

Citibank: geekervongeekerson+citibank@gmail.com

Newegg: geekervongeekerson+newegg@gmail.com

Now when you start getting junk mail on this new account, you should be able to immediately see who is selling your address, because it will show up as username+guiltyspammers@gmail.com

If you figure out who it is that is selling your email to spammers, drop a comment into the box below.