Unicode Converter / Encoder
Converts text into Unicode Equivalent.
FIGHT EMAIL SPAM!
Every hour of every day, Spam-Bots [a.k.a. Email Harvester programs] are
scouring the web looking for email addresses to add to their spam list
databases. If you have a website with an (unprotected) email address on it,
sooner or later, the
spam-bots will find it. Your email address will be "harvested", you will
be added to the spammers' lists, and your email in-box will be flooded with
spam.
So what can you do? After all, you need your email address on your website so
that people can contact you. The key is to "protect" your email address.
One extremely simple and generally effective way to protect it is to encode your email address by
converting it to Unicode. While a browser will read and decode Unicode,
most Spam-Bots will not recognize it, and will pass it by... READ THE FULL
ARTICLE BELOW..
SPAM-PROOF
YOUR WEBSITE IN TWO SIMPLE STEPS
by Art Stevenson
Copyright ©2004 All Rights Reserved
Spam: A serious and growing problem.
In 2001, 8% of the email sent was spam. Today, according to industry experts, 64% to 85% of all email sent
is spam. Spam is a huge productivity drain on
business. The current popular tool for fighting spam is the spam filter. Spam
filters have proved to be a necessary but imperfect tool in the war on spam. The problem is
that spam filters often let some spam through, and worse, sometimes filter
legitimate email. What is the cost of one or two lost sales a month because of
an overzealous spam filter? A better solution to fighting spam is to keep
your email addresses off of the spam lists.
Where does spam come
from?
According to a
2003 Center for Democracy & Technology (CDT)
study, the majority of spam comes from email addresses harvested off the
internet. “Spam-bots” (also known as email harvesters and email extractors) are
programs that scour the internet looking for email addresses on any website they
come across. Spambot programs look for “myname@mydomain.com” and then
record any addresses found into the spammer’s database.
Several companies sell
Spambot programs. They can be purchased for as little as $40, and most
companies offer free limited-feature demo programs. Anyone with an internet
connection can use one. Spambot programs can do a general search, or can be
told to look at specific websites, or, for example, can be targeted to do a
Google search for “senior living” and then examine the first 10,000 websites
they find. They can follow the links in websites to find other websites. If
your website hasn’t been found by the spambots yet, it will be.
Should I worry?
Yes. The Federal Trade
Commission (FTC) did a
study in 2002 in which they posted different newly created “undercover”
email addresses on various websites. They found that within six weeks, 86
percent of the posted email addresses were receiving spam.
How to avoid being
spammed.
STEP ONE: Encode your HTML (myname@mydomain.com).
The key to not having your email “harvested” is to encode or
disguise your email address so the spambots don’t recognize it. You can
accomplish this quite simply by converting part of your HTML to
Unicode, a universal “symbol-based” language that uses numbers to represent
different characters (i.e. “a” is “a” and “@” is “@”).
Modify
your HTML as shown below, changing “@” is “@” and "." to ".”. Substitute your name and domain name,
of course.
find all
occurrences of
<a href=“mailto:myname@mydomain.com”>myname@mydomain.com</a>
and replace with
<a href="mailto:myname@mydomain.com">myname@mydomain.com</a>
We tested several demo-version email harvesting
programs and found that changing the "@" and "." to their Unicode equivalents
was sufficient to fool the spambots. However, if you want to convert your
entire email address to Unicode, you can use our
text-to-Unicode converter.
There are several other methods of hiding your email address, each with
advantages and disadvantages. One method, for example, is to use
javascript to disguise
your email address, but doing so limits the ability of visitors without
java-enabled browsers to email you. Whatever method is used, one should
consider that any email address that
can be seen by a visitor, can also potentially be seen by a spammer. No method should
ever be
considered completely guaranteed, and thus one should always also implement step two.
STEP TWO:
Use “disposable” contact email addresses on your website.
Do not use your primary
email addresses (i.e. “sales”, “info”, or “yourname”) on your website. Instead,
use a disposable contact email address, such as contact-us@mydomain.com,
contactus@mydomain.com, or contact04@mydomain.com. When new customers email you, reply to them with
your primary email address. If your disposable website email address is ever compromised
by a spammer,
you can then simply replace it with a new one, and set your email spam filter to delete any
future mail to the compromised address. If previous customers need to email
you, they most likely will check their email program’s inbox and reply to the primary
address that you used to respond to their initial inquiry, or they will go to
your website where they will see your current disposable contact email address.
Does Unicode email
encoding stop spam?
In CDT study sited above, email addresses that were encoded with Unicode
never received any spam. Our own experience is the same. We launched our business website,
Pinnacle Trade Show
Displays, in
1998. Within 2 years, business was booming, but so was the volume of spam we
were receiving. We came across the Unicode tip somewhere on the internet, and
implemented it. We also placed new, disposable contact email addresses on our
website. In the last four years, we have never received any spambot-generated
spam on our new email addresses.
Will the spambots
learn to read Unicode in the future?
Probably not, since
there is little incentive. Analyzing HTML for Unicode and then decoding it
would require more computational power and would slow the spambots down. There
really wouldn’t be much benefit to the spambots, since the vast majority of
websites have not encoded their email addresses. Based on our own experience
and informal calculations, over 90% of websites have unprotected email
addresses.
Just for giggles, we
checked the “experts” by going through the DMOZ directory for “Email:
Spam Prevention”. Of the 29 website listed, 2 were dead links, 3 used forms
for contacting them, 1 used javascript to mask their addresses, 1 used Unicode
to mask their addresses, and 22 had unprotected email addresses. But of
the 5 that attempted to protect their email addresses, 4 still had unprotected
addresses on their sites. Thus, of 27 working websites, 26 had unprotected
email addresses! If you encode your website’s email addresses, you’ll be
doing better than 96% of the experts.
In conclusion...
1) If you don't do anything to protect your email address, it most likely
will be spammed. In the 2002 FTC study, 86% of their new unprotected addresses were being
spammed within six weeks.
2) There are several ways to disguise your email address - Unicode is one simple
and effective method. However, no solution is guaranteed. Any email address that can be obtained
by a visitor could also potentially be obtained by a spammer.
3) Because no solution is guaranteed,
always use a
disposable contact email address on your website that you can then discard if it is
every compromised by a spammer.
article copyright © 2004 Art
Stevenson,
Pinnacle Trade Show
Displays
Permission is hereby
granted to reproduce this article in its entirety
provided
(1) all of the hyperlinks in the article are kept intact, and
(2) the full copyright notice and credit, including hyperlink, is kept intact.
copyright ©2008 Pinnacle Displays, Inc.
http://www.pinnacledisplays.com
|
