Twitter Alert: Be Careful With Your Email

Spammers May Have Another Trick in Twitter

Get the WebProNews Newsletter:

[ Business]

Spammers have found a new way to use Twitter. This one lets them harvest email addresses easily,  and use these addresses to do their dirty business. The good news is that you can avoid this practice by simply not tweeting your email address. Have other tips to avoid being spammed? Share them with WebProNews readers.

I was having a talk with Twellow‘s lead developer Matthew Daines, and he pointed out that a simple query on Twitter Search can return large numbers of email addresses that spammers could potentially exploit.

Ed's Note: WebProNews Does Not Condone This Type of Behavior!

"You can sit and just watch the email addresses steadily trickle in," he noted. "I wouldn’t doubt it if spammers are harvesting these."

Results for such a query might look something like this:

email query on Twitter Search

"It would be trivial to write a script that gathers these addresses," he added. "They could have several hundred thousand over a few weeks at the rate they trickle in."

The ability to search for email addresses has always existed on search engines like Google, but Twitter and it’s real-time updates brings a whole new element to the matter. They come in fast, and they’re always going to be up to date. This is why it could be enticing for spammers.

"The Twitter stream really weeds out all sorts of irrelevant data and cuts right to the email addresses within 140 characters, so it’s a lot less intense, and would require very little coding skill," says Daines. "The thing is this makes it just too easy to get email addresses."

Warren Riddle at Switched makes a good point about the threat. The retention rate among Twitter users has not been the greatest, and the potential for spammers to harvest users’ email addresses might turn some off too, although the ball is in the users’ court on this one.

Twitter may want to consider taking some kind of precautions to prevent this kind of abuse. Spam is already a huge problem plaguing email and the web. When a service continues to grow in popularity the way Twitter continues to do, such abuse should be a great concern.

The lesson here is: Don’t throw your email address in your tweets unless you want it to be searchable. That means it will be vulnerable to this kind of practice.

Some are probably thinking that this is common sense, but looking at the query that the above screenshot is lifted from makes it pretty clear that people are not really thinking about this. And if they are, they must not care.

Are you worried that spammers are getting your email address on Twitter? Tell us.

Twitter Alert: Be Careful With Your Email
Top Rated White Papers and Resources
  • http://www.fromzerotoseo.com seozero

    Thanks for a tip :)

    • Chris Crum

      I’m sure you’re joking, but to be clear, I am not condoning this behavior. Matthew and I actually talked about whether or not we should even write about it, but ultimately decided that this is probably not a new idea for spammers and that since they can do it so easily, it could be a genuine problem, so we felt it appropriate to warn those who had not considered it.

    • netvitrinim

      Thank you for sharing your information.www.netvitrinim.com

  • http://inchoo.net Toni Anicic

    Yes, twitter search is like heaven for email spammers / email “marketers”

    • Guest

      There are already “spam-followers” on twitter. You notice that you have a new person following you that is following 13,000 people, has 2 updates and maybe 10 people following them (who are likely doing the same thing). All they are trying to do is get you to click some link that they probably get paid for per visitor.

      If you want someone to have your email address, use the direct message feature. If you’re going to put your address out there for the world, expect the world to send you some junk.

  • http://www.friendswhocare.us/blog1 Susan

    While I consider myself pretty knowledgeable on how to avoid letting spammers get my email address I totally overlooked what they could be getting from Twitter.

    Thanks for pointing it out.

  • http://www.webix.name/beep-pc Guest

    thanks,thanks for a tip…

  • http://www.seosean.com SEO Services

    Wow, I didn’t even think about that issue. Good think I’ve never twitted about my email address!

  • http://www.webpronews.com TwitterHater

    Twitter is one reason the US is falling further and further into a soon to be depression. If those people who waste their time actually started to think and produce nothing could stop us…….but as long as there are twittertwats thats more money for me!!!

    • http://www.homeonlinegames.com Dirk

      Found it. I knew eventually some twat would come up with this word.

      Its one of the “four letter words”, and frankly i am surprised the founders of Twitter did not take into consideration the possibility
      there would be these sort of word associations made.

      Which word is going to take over? LOL

  • http://www.tarotbazaar.com/ Guest

    I think it’s not just twitter.. I’m wondering if here would be good idea to write email address as well? But most places ask for it and no choice but give one.

  • http://twitter.com/ruthbelena Ruth Belena

    I am quite amazed that anyone would tweet their email address. I know some members show a business email address on their Twitter profile, but that is quite different.

    Giving out an email address in a forum or on a social site is simply inviting spam and phishing emails to flood into that email account.

    Even with a spam filter on the email account, spam is not something anyone ought to encourage.

  • http://www.horozima.com Lawrence

    It is also observed some spam twitter profiles(Mostly porn) follows me, and it is very disturbing.It is very time taking process to check every follower’s profile and block the spammers.

  • http://www.thecollectorshub.com The Collectors Hub

    The biggest problem, especially for businesses, is not that spammers are sending spam to the email addresses they harvest, it’s that the emails they send out appear to be sent from these harvested email addresses.

    People open their email and then assume that the spam is actually coming from these innocent parties. The last thing a legitimate business wants is for potential customers to think they’re sending spam.

    • http://www.renewyourwealth.com Greg G.

      I agree with the poster that stated ‘that spammers are sending spam’ to people as if they come from the email addresses they harvest. This is especially true of Gmail accounts. In one day, I received 17 emails from different Gmail addresses…all with the same body of text and signature. This was obvious spam and the sender’s email was definitiely harvested.

  • http://www.melbourneonline.com.au mark – web design melbourne

    hadn’t even thought of that, thanks!

  • http://www.tpdesigns.net Bay Area Web

    I get enough spam already. Don’t need another source!

  • http://www.bestbuyidea.com/ Altis Lo (Beaulife)

    I have to salute to those Internet people who have been so creative to find this trick and make full use of it for spam. Thank you for sharing. Although this is not a good practice to promote, I must say this promote creativity and observation in the Internet world. Let’s use it for good and educate other people to avoid the bad.

  • http://www.thepathwebdesign.com Neil

    Surely everyone knows by now if you display your email address anywhere on the net it can be potentially harvested by spammers.

    What you thought because it was Twitter it was safe?

  • http://www.alphawebdesigns.com deeziner

    I keep thinking people are smarter than they really are. “Well, DUH!” is a good reply to this concept. I echo “Neil” in saying What makes you think Twitter is any safer than any other application on the ‘net?

    But people persist in thinking the only people who read THEIR stuff are people like them … they just don’t consider the many others “out there” who manipulate and take advantage of every opportunity to either do mischief or try to sell more Viagra.

    May I add here, since hopefully some not-so-savvy folks will read your article to: Be careful what you post ANYWHERE on the internet, no matter how comfy you feel with your personal set of inline friends. That means, don’t put your personally identifying info on Facebook, Myspace, LinkedIn etc – you are opening yourself up to millions of total strangers, and not all of them are your new best friend.

    Thanks for posting your tip, even though I immediately thought “wow, that’s dumb – doesn’t everyone already know that?” (meaning, posting one’s email address on Twitter for the world to use.)

    I guess common sense isn’t … common.

  • http://www.medlawplus.com jjray

    Doesn’t everybody have a designed spam email address? Face it, at least one of your email addresses (if not all) are going to find their way into spam databases. The email address I give to this website is my designated spam account. Not that I think you guys will abuse it but this is just good policy. Following this procedure, you can give out an email address publicly and not worry too much about whether it gets into a spam DB, just accept it will and deal with it for just that one email address. Then be extra careful with protecting your primary email address.

  • http://myseogal.com Carla

    You would definitely think it would be obvious to everyone but the fact is it isn’t and people leave them selves open to being spammed.

    It’s sad and annoying but there are definitely ways to avoid this and that is by making people aware of situations like this.

    Thanks so much for sharing!

  • http://www.ukmagz.co.uk UK Magazine

    This is not good but I am sure that a lot of people who don’t know this will start doing after reading this.


  • Guest

    you are not suppose to put your email addresses on networks ANYWAY. also, is it me or the world is getting dumber?

  • http://www.thefergyco.com/index.php Shan Ferguson

    It would seem to me that not to much can be done about this and this occurs on pretty much all the social networks not just twitter, all I personally can say is that if some unethical jackass’es have to resort to these tactics to begin with they are pretty sad indeed. For me I simply delete any and all E Mails that I do not know the origin of, it saves problems saves my computer and removes annoyances that I would rather not deal with.

  • Guest R.K

    Each time I subscribed to a social network, I always use a fake e-mail so, no one can spamm me…….

    And after, if I see one of my best friend’s, I will give him my real e-mail…..

  • http://www.mensjewelry-rings.com Guest

    I agree. The spammers are going to do it anyway. Only awareness can slow it down

    • http://antihackattack.blogspot.com/ Guest

      your right spamming & hacking is on the rise

  • http://officialsafetyandsecurity.com/ Official Safety and Security

    I’m on FaceBook as well as Twitter for socially marketing my safety and security web site so I’m not one to share my personal email. Thanks, Chris, for sharing.

  • http://bloggerstop.net Sai @ Blogger Templates

    Of course sharing personal info in social networking sites is really foolish….specially one should not share at Twitter, where half of the members keep on searching something or the other !!!

  • http://www.bikegamer.com Bike Gamer

    This is actually a common sense. You should not post your email address publicly including on forums, blog posts, and social media sites like twitter. Not only on twitter, similar queries can be done in search engines like Google and Yahoo too.

  • http://www.gksphotography.com.au/gks/blogs/sydney-australia/corporate_executive_commercial_business/functions_events_parties/index.htm Sydney

    Sometimes you may be forced to place your email addresses on a site so that you do not lose potential customers.

    But a site like twitter? Another trick is harvesting Mobile phone numbers for SMS advertising. I have seen it happen

  • http://oaksblogs.com Michelle

    I agree that this is something that can be done pretty much anywhere and not just twitter. I also agree that having an email account specifically for giving out in these instances is a good idea. If you create an email account that you use for public use and need someone to send you something you just search for that email and don’t worry about the spam.
    This will keep your personal email private. The spammers can spam all they want and it gets them nowhere which is what they deserve :0)

  • http://www.twitter-trends.de Marco

    It should be obvious NOT to fill in your e-mail (or other credentials) on Twitter?!

  • http://www.dev-the-web.com Dev The Web

    Thanks, it’s a good tip, we should be careful every time we post our mail in the net

  • http://www.abundantace.com/ ace

    I’m surprised people would twitter their email address.

  • http://makemoneyonlinefreenoww.com TriNi

    There’s so much spam on twitter already! I’d hate for it to get into my mailbox too.

    Those people that post links to their blogs/sites 24/7 or always trying to sell something … I immediately unfollow them.

    I’d never place my email on twitter..

  • Michael Rhodes

    Can we take them to the wood shed & beat the hell out of them? We need to start making examples out of these dirt bags, & start throwing their butts on an island in the middle of the Baltic sea.. with no computers, or internet.. heck NOTHING but their survival skills (if they actually have any that is)

    They’re worthless!

  • http://bhing-moneyonline.blogspot.com Bhing

    Spamming has been really a problem in all parts of the internet world.. It is hard to stop them so all users just have to be careful and keen on this kind of thing so they wouldn’t be a victim with spam..

  • Guest

    You’re an idiot. A linkbaiting idiot. But an idiot nonetheless.

  • http://www.tmondo.com Games

    i never used to give my primary mail to sites like twitter.. i always prefer using my fake one.

  • http://ripcloud.com ripcloud

    Actually i think the potential for content spam (spamming tweets) is much higher then email harvesting. Twitter really needs an “ignore tweet” versus keyword blacklists. Once you are following just a few users it becomes almost impossible to wade through the noise…

  • Guest

    Said what you like the fact is Twitter is a domain for attention seeker. Is’nt it quite clear that attention seeker want you to know everything they do? Having their email address openly advertsied on twitter is another channel to seek attention.
    In short this people actuall ask for it and they want you and everybody else to have their email address..

  • http://www.crearecommunications.co.uk Adam

    This is quite basic advice – don’t post your email address on the Internet. Spam these days is something that is going to happen to everyone, so we’re all responsible for ourselves in terms of not making your email address public and limiting spam as much as possible.

    • http://whatareyouwatching.uni.cc Television Spy

      People don’t realize the inherent risk in providing their e-mail especially people using it for personal usage.

      But it’s not that big a risk, sure you may get a more spam but simple filters can help weed it out.

  • http://aks2008blog.co.cc Aswani

    Well, I don’t see any good reason to put your email address in the tweets. The web is full of spammers and when you put up your mail address in the tweets, it is most likely to be misused by the spammers. What I have learned in the past is that you should never post your email addresses on any social network.

  • Guest


    • http://www.lexolutionit.com Maneet

      I dont really agree with you here. I agree everyone is here to market and advertise something or the other. But that doesnt justify taking personal email addresses from the web and posting promotional messages. If you really need to do good to people and help them by advertising your products, go for banner ads and other mediums. But polluting inboxes are definitely SPAM!!

  • http://filesburner.com Guest

    I agree. The spammers are going to do it anyway. Only awareness can slow it down..

  • http://www.thebookabyss.com.au Australian Online Bookstore

    Thanks for the heads up. We have been fairlty active on Twitter but we’ll be sure not to include our email details in the future.

  • http://sulumits-retsambew-id.com Sulumits Retsambew

    Wow I just knew about this my God now I know why there’s so many emails offering my crap for the last 2 months

  • http://www.webovator/com/blog Designer’s Life

    This article is common sense. Sad that people don’t have any.

    Another problem with social networking that can be exploited is Facebook. A lot of people don’t realize there is a Phone Book within facebook where you can get all your friends’ numbers. So if you mass – add people for the purposes of playing Mafia Wars, for example, that means all those ‘friends’ now have your mobile and land lines at their fingertips.

    Not sure how many telemarketers are using Facebook to get leads, if ANY, but hey, it COULD happen!


  • http://www.uf Phil Lee

    The best way to beat spammers is: XInbox.com
    create an account free and yoiu have a spam protect real e mail address used it for long time on my websites. when some one mails you they are presented with a spam protected page/send but with a Captch code its good and Free

  • Gonzobot

    You mean if I write my email address on an electronic social service based on the fact that anybody who wants to read my writings can do so easily might be read by somebody I don’t know?? YOU ARE KIDDING ME RIGHT?? that is pure insanity! why does twitter do that! I can’t believe this, am I going to have to go back to writing my contact info on a bathroom stall and pretending to be surprised about that?

  • http://www.sulumitsretsambew.in/ Sulumits Retsambew

    On their own risk to spam twitter.

  • http://www.vip-o.co.nr www.vip-o.co.nr

    so are you trying to trick us

    too Post new comment


    thx for the help now i no just how i get all this supite junk mail to my hotmail.com but then its werd i get 0 junk mail to my website email

    pls reply to me on how/ y ppl ad these codes to these website or do they host them on there sites and send them to these websites

  • http://www.adamhirst.co.uk Adam

    The article raises fairly valid points, especially with regards to how easy it would be to do this, access to the Twitter API and a simpel regular expression is pretty much all needed to extract the emails for malcious or even white hat purposes.

    But doesn’t really tell us anything new I don’t think. Any self respecting web user knows it is pretty silly to post their email addresses anywhere on the web due to spiders and bots which crawl sites for email addresses. Hence the explosion in user[at]domain.com etc formats and people using mail scripts to hide the destination email address on the server side.

    Definitely a worth while article for new twitter / less web savvy users though.

  • http://ripsychotherapy.com Mike A

    Thanks for the heads up.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom