Monday, July 28, 2008

Attack of the Harvester Bots Part 2: Blogger Profile

If you use Blogger, you'll want to make sure your profile does NOT have your regular email address attached. I just received a notice that a message I had supposedly sent was rejected by the recipient because of a suspicious attachment it contained.

Yep. The harvester bots have visited my profile page. The email address it referenced was one that existed only on my Blogger profile (I've changed it since):

If you have Gmail, I highly recommend creating an alias of your regular email for your Blogger profile (and anywhere else your email address is posted publicly). Just add a "+" and then any word you like before the "@" (the part in red above). You'll still get any email sent to the address, but you'll be able to easily identify where your email address was harvested from should it turn up in strange places. You'll also be able to block that particular address should YOU be the recipient of spam.

If you use a mail service other than Gmail, there are third party sites that allow you to create disposable email addresses. Just make sure they don't expire, or nobody will be able to contact you via your profile. Yahoo supposedly has an alias service as well.

And again, if you think spelling out "at" and "dot" on your website fools the bots, think again.

Read more:
Beware the Harvester Bots!
Email address harvesting