Public Information and Email Spam, (Mon, Feb 5th)

Category :

SANS Full Feed

Posted On :

Many organizations publicly list contact information to help consumers reach out for help when needed. This may be general contact information or a full public directory of staff. It seems obvious that having any kind of publicly available information will increase the liklihood that these accounts will receive spam or phishing emails. To help understand a bit of this, I set up a brand new domain with a very basic website and collected email using Amazon SES [1] for a couple of weeks. The website contained email addresses in a variety of formats:

email (at) domain
email@domain (hidden in HTML comments)
web form

The site was made live on 1/21/2024 and within a few hours started receiving scans. 

Email Address /  Source
Number of Emails Received
Time to Receive 1st Email (Days)

Web Form


email@domain (HTML Comments)

email (at) domain

The time to receive an initial email was much longer than I suspected. While scanning of the website happened within the first few hours of the website being publicly available, incoming emails took a couple of days. The web form was also the first method used to submit any content. 

Common themes of the emails received included:

Website redesign
Android app development
Marketing /sales

Email Subjects:

FYI- Redesign your website ? 
What is the next for <domain>
Price List
Revealed: Hiring Freelancers Save You Time & Money in 2024
Re: Delayed Payment – 2024/1/30 8:00:00
Android App Development !! 
Re: Call to update your website $
your Sales Funnel…? 
Re: Uncompleted Payment – 2024/1/30 5:25:28

Sending domains:


At the time of this writing, there were no emails received for an address in this domain that was not listed on the website. There is definitely an impact on spam received when an email address is made publicly available. As more data is collected, more patterns may emerge from source domains and networks. 

Consider limiting data accessible on public resources to help combat spam messaging including contact pages and forums. 


Jesse La Grew

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.