Email harvesting is the automated acquisition of email addresses for unfair advertising, phishing attacks, or spreading malicious software, and is usually software-supported. For this purpose, specialized programs (known as ‘email harvesters’) search websites, mailing lists, internet forums, or social media platforms for email addresses. The characteristic syntax, which corresponds to all email addresses, delivers the sought-after contact information. Simple search patterns in a website’s source text search for @ signs. This sign is not normally found in natural texts, but is used in email addresses to separate the username and domain from each other. Transcribing the address provides little protection. More refined spambots can even search for popular alternative spellings such as [at], [AT], (at), (AT):
User@domain.com
User[at]domain.com
If the @ sign or its equivalent contains two special characters separated by a dot, this is a clear indication for the harvester that this is an email address. Even changing the 'dot' in front of the top-level domain offers comparatively little protection and makes it harder to read:
User[AT]domain[DOT]com
Even more revealing than the @ sign, is the HTML email link 'mailto:user@domain.com'. This allows website visitors to open their preferred email program with a simple click. The recipient address is automatically copied to the corresponding field. This is practical, but still doesn’t stop the spambots from realizing this is an email address. Website operators are therefore advised not to use traditional patterns when it comes to providing contact options. At the same time, human site visitors should still be able to read the address so they can easily contact you if they need to.