Articles taggés Technique
I came across quite a few companies that were either reselling my data
without my consent, got hacked or had rogue employees.
The offenders range from small online shops to large Telecom companies.
How can you find out?
It’s easy, if you’re not afraid of getting your hands dirty. You
“simply” need to register a domain name and get mail hosting with it
(shouldn’t cost more than £14/year). What that means is that you’ll buy
mynewdomain.com and will be able to receive emails that are being sent
Once you’ve bought the name, log into your control panel and define what
is called a “catchall”. Call it, per example,
All emails sent to mynewdomain.com will get delivered to that one
mailbox that you’ve defined and that you will monitor by adding it to
you email “client” (Thunderbird, Outlook, etc.)
Now…let’s say you want to buy shoes online at Schuh (one of the
offenders…). When you type in your email address, use something like
This is a unique email address that only that company knows about. Make
sure you untick all the boxes that say that they can sell your data, etc.
When they send you the confirmation order, they will send it to
email@example.com and it will be transferred to
firstname.lastname@example.org and you will get it in your inbox.
Two months later, you get an email from “your bank”, asking you to log
into your account because there was a security issue. It’s the typical
scam. A quick glance at the email address it was sent to and you notice
that it’s email@example.com. That’s not the email address
that your bank has on file which can only mean one thing: your data
leaked out of the Schuh IT systems. It doesn’t really matter how it
happened. They breached their obligations. You can decide to contact
them or to report them, up to you.
I read about this way of filtering emails a few years ago and it worked
really well for me.
The cons of this solution
Lots of spammers send emails to random email addresses like
firstname.lastname@example.org. If your anti-spam filters are not up to date,
you may get quite a few of these spams delivered to your new inbox. You
can use additional techniques to make the difference between a random
spam and an email address that you use to fill up forms. Per example you
can always start your addresses with “abc-“, it would look like
email@example.com. The chances of a spammer randomly
sending an email to this address are quite slim.
The other “problem” is when you need to get in touch with one of these
companies and they don’t provide an online form. You then need to send
an email from a real email account. I suggest you create one that you
will use to send those messages. something like
firstname.lastname@example.org. And you can use the “reply-to” feature when
you compose your email and you would type in the email address that you
used when ordering from them.
I’ve probably lost many of you at “simply” :D, but felt like it could be
useful for those of you looking for a solution ;).