18 WebsiteCompass FAQs Dr. Webbie Answers your frequently asked questions QUESTION: How do spammers get my email address? ANSWER: There’s no single way for spammers to get your email address. Here are some of the most common methods: Email Harvesting Spammers use email harvesting software to collect email addresses from websites. Dictionary Programs These programs generate alphanumeric combinations of email addresses in sequence. While many of the results are incorrect —not valid addresses—these programs can create hundreds of thousands of addresses per hour, guaranteeing that at least some of them will work. Dishonest Newsletter Services Dishonest newsletter services will sell your email address for a commission. A common tactic is to blast millions of people with a false “you have joined a newsletter” email. When users click on the Unsubscribe link, they confirm that a real person exists at their email address. CC vs BCC Email Spammers can obtain your email address when someone uses Cc (carbon copy) instead of Bcc (blind carbon copy) when addressing an email message to a large group of people. Anyone receiving the email can view all the recipients’ email addresses, and the email can be forwarded repeatedly, which potentially exposes people to spammers. Phishing Spammers may pose as banks, financial institutions, government agencies, or companies you do business with to trick you into providing your email address. Giveaways and Sweepstakes Think twice before entering sweepstakes and giveaways. Some companies sell the information you provide to generate income, and spammers could buy it. Data Breaches Once a hacker gains access to a company’s database, they can gather not only email addresses but all kinds of other information such as your name, home address, phone number, Social Security number, and financial account numbers. QUESTION: What can I do to make online shopping safer? ANSWER: Online shopping is incredibly convenient, but to avoid being ripped off by cybercriminals, you need to take precautions. Choose sites carefully. Shop on sites you know and trust. If you’re wary of a new site, perform your due diligence by checking with the Better Business Bureau and reading retailer reviews on Yelp and Google. Look for “https” in the URL. Never buy anything online from a site that doesn’t have SSL (secure sockets layer) encryption installed. You’ll know if the site has SSL because its URL will start with “https” instead of just “http” and an icon of a locked padlock will appear. Provide as little personal data as possible. No online retailer needs your Social Security number or your birthday to do business. However, if cybercriminals get them and your credit card number, they can do a lot of damage. Pay by credit card, not debit card. When you buy online with a credit card, the Fair Credit Billing Act ensures that if you get scammed, you’re only responsible for up to $50 of credit card charges you didn’t authorize. However, if your debit card is compromised, scammers could gain direct access to your bank funds.