When it kinda sorta looks like yours, but it's not.
In the question above, I've used "{example}"1 as a replacement for specific email addresses. In each case, the part before the "@" was the same; it was only the part after "@" that was different.
This is spam, nothing more. Mark it as spam and move on.
There are several ways this can happen, but there is one approach spammers use that explains most clearly what they're up to, and why.
Become a Patron of Ask Leo! and go ad-free!
Email to a similar address
Spammers often use email addresses similar to yours to get your attention and pique your curiosity. If you don't see your real email address on the message, it's likely to have been BCC'ed. Regardless, it's spam, and should just be marked as spam in your email program or interface.
The parts of an email address
Every email address consists of two parts: the part before the "at" sign ("@"), and the part after.
- The part after identifies the email service handing the email. For example, @gmail.com means the Google Mail service is used, @aol.com means AOL, @randomisp.com means that the server associated with randomisp.com is used, and @askleo.com means the Ask Leo! mail server handles that email address.
- The part before identifies the email account on that service to which the email should be routed. That is often someone's name.
Combing then two, then, an email address like "leo@askleo.com" means that the account called "leo" on the "askleo.com" mail server is the intended recipient.
Even when the part before ("leo") is the same, if the parts after ("@askleo.com" or "@randomisp.com") are different, then they are two completely separate and unrelated email addresses.
That unrelated part is important. While "leo@askleo.com" and "leo@randomisp.com" seem like similar email addresses, they really have nothing whatsoever to do with one another.
Spammers want your attention
When spammers spam, they're trying to get your attention so you'll read and act on whatever they place in the body of their message. One way to do that is to send "To:" email addresses similar to yours.
For example, if I used an email address like "leonotenboom@askleo.com", then a spam email sent to "leonotenboom@randomisp.com" might get my attention, even though it's not my email address. Especially since I have a rather unique name, seeing "leonotenboom" as an email address will at least grab my interest, even if I've never heard of "randomisp.com" or set up an account there.
One way spammers do this is by using email addresses already on their lists or email addresses discovered in data breaches. They take the first part (e.g. "leonotenboom") and then send spam to that account on all the major email services.
Let's say my email address -- {example}@askleo.com -- is discovered in a breach.
Some spammers will then proceed to send spam to similar email addresses on other domains:
- {example}@aol.com
- {example}@gmail.com
- {example}@hotmail.com
- {example}@outlook.com
- {example}@yahoo.com
and so on. They might send to hundreds or thousands of email addresses all beginning with {example}, regardless of whether or not those accounts actually exist.
Spammers ignore failures
Let's say spammers send emails to 100 different variations of {example}@ email addresses. Let's also say 99 of those don't exist.
Spammers don't care. Even if the emails generate 99 bounces, spammers don't care for either or both of two reasons:
- They're not monitoring replies at all.
- The "From:" addresses used were spoofed and have no relationship to the spammer, the source of the spam, or anything else. The spammer will never see any bounce message sent to that address.
This is why replying to spam never works: the spammers never see it and wouldn't care if they did.
And since spam is so cheap for spammers to send, it only takes one success for the hundred- (or thousand-, or million-) message campaign to be a success.
You might not be on the "To:" line
One thing that confuses people is that their real email address isn't anywhere on the message they got. As the question states: "[this bogus address] that the senders are using and they are somehow coming to me. "
No, it's not getting forwarded. As I said, the bogus address and your real address are not related in any way. Period.
Here's how the original email probably started:
To: {example}@aol.com
Bcc: {example}@gmail.com
Bcc: {example}@hotmail.com
Bcc: {example}@outlook.com
Bcc: {example}@yahoo.com
Only one of the email addresses is exposed on the "To:" line. It got your attention because it's an email address similar to your own, but it's not yours.
The email you got was BCC'ed along with all the other variations. You wouldn't see it, because you can't see who was BCC'ed on an email, but you would get it.
The email looks like it was sent to someone else (because it was), but you got it because it was also sent to you.
There's no forwarding going on
The original question included the following concern:
[an issue is that] the false address [is] being accepted for the senders and [then] being diverted to me
The concern was that the message was being sent to an incorrect @aol.com email address shown on the "To:" line, accepted there, and then somehow automatically forwarded or redirected to the correct email address @gmail.com.
No. That's not what happened. The message was not diverted.
- If the @aol.com address was legitimate, it was delivered to the recipient there.
- If the @aol.com address was bogus, it likely generated a bounce. As we've seen, spammers ignore bounces.
- If your correct @gmail.com address was BCC'ed, as is my theory, then the message was simply sent directly to you no matter what happened over at @aol.com.
Skepticism is always called for
As you can see, spammers play games to mess with you. They'll do anything to make things look legitimate -- or at least suspiciously legitimate enough to warrant your attention.
Don't fall for it.
Spam is spam, no matter what games they play.
The best solution remains:
- Mark spam as spam.
- Move on with your life.
And curse spammers under your breath,2 if you like.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Podcast audio
Footnotes & References
1: Again, a reminder that "{example}" is a placeholder for a real email account like "leonotenboom", "leo", or whatever the first part of your email address might be. I use this to avoid inadvertently listing someone's real email address. Other examples, like lnotenboom@askleo.com or lnotenboom@randomisp.com, are on domains I control, and hence I have no such worry.
2: Or not.
i sometimes get emails from people telling me, “stop sending me your dirty emails,
i`m not interested”. i simply reply that i didn`t send the email, i must`ve been spoofed.
mark it as spam and forget it.
i hope telling them to mark it as spam doesn`t affect my email address in any way.
I’d ignore those emails. They may be legit but there’s also a possibility that those are spam. If you continue to get emails like that, set a filter in your email program or Gmail website to send those emails to trash. I wouldn’t mark them as spam as they might be legit.
i don`t mark their emails as spam, but their replies come to me.
i tell them to mark the emails supposedly sent by me as spam.
that`s what i was hoping wouldn`t affect my email address.
Hi, folks.
I believe my case is more complicated.
Somebody in US has the same email address as I have. Not similar. The same exact address.
I keep receiving email sent to him. I asked Google but they say it is impossible, and that’s it. But I keep receiving his emails in my account. And I receive emails from other similar accounts too.
I’m in Brasil. The other people are in US.
Any hints?
It is simply not possible for two people to have the same email address. There is something different about his, OR you’re being included in addition to his, with some combination of To, Cc, or Bcc being involved.
It’s absolutely impossible for 2 people to have the same email address unless they are sharing the same account. The email address is the login name for the account and if you had the same email address, you’d each be getting all of each other’s emails.
I frequently get emails for someone with the same name as me. They have a dot in the first part of their address and I don’t but Google keep sending them to me. So, say I’m itsme@gmail, and they’re its.me@gmail. Mostly they’re medical messages, but why do they come to me? I also get Uber and McDonalds receipt emails for someone else but addressed to me at hotmail. I don’t know if they’re using my address or if it’s a mistake. Whoever it is is not using my email account for anything else and I have changed my password several times, so I guess the account is secure.
Gmail doesn’t pay any attention to dots in the address except for the dot in .com. myexample@gmail.com is identical to my.example@gmail.com and m.y.e.x.a.m.p.le@gmail.com.
I had the same situation: Getting mail for a gmail address the same as mine except for a dot. A few were from a fancy auto dealership and the others from a travel agency—both in Great Britain. I believe it was legit and the intended recipient is evidently living a lot better life than I am. I responded to the dealer and did get a polite response from a real person and so far no more emails.
Gmail ignores the dots. That email you mention in your comment sounds like spam.
Just relating my experience. I also thought it was odd that an email address could be so similar to mine, but does spam usually reply in a personal way, acknowledging a mistake?
Spam is created by people, so anything is possible.
@Sydney,
The other person is making an error. At account creation, that person would’ve been told the account name was “already taken” whether he used the dots or not. These are both recognized as the same address by Google, your address.
He likely was forced to add numbers or another letter to complete registration of his new account. To use your example – itsme@gmail, his real email address probably looks like its.me123@gmail.com or itsX.me@gmail.com. Now he’s completely forgotten that and is submitting what he originally intended as his account, rather than what he was forced to create. Every time he does that, you will get the messages instead of him.
Maybe he only made the mistake with Uber and McDonalds, so that’s why those are the only emails you’re getting in error.
That’s a plausible scenario.
Several years ago, my Yahoo account was involved in a data breach. If I understand correctly, email addresses were harvested from my contact list even though my email address was not compromised. Because one of my other email addresses was in my Yahoo contact list, I am still getting emails supposedly from me (My name appears as the sender but when you dig a little deeper you discover that the sender has a completely different email address)
Yup. That’s traditional “From Spoofing”.
Question about the dot: My email address is {first}dot{last}@comcast.net. My cousin’s email address is {first}{last}@comcast.net. We never get each other’s email. If comcast.net ignores the dot, how can that be? Does comcast.net treat addresses differently than gmail.com does?
Comcast doesn’t ignore the dot. It’s GMAIL that ignores the dot for GMail accounts.
Some email service providers like Gmail ignore the dot; others use the dot.
For example, I was able to get my {last}dot{first}@yahoo.com address when Yahoo started allowing dots. Someone else had already gotten my {last}{first}@yahoo.com address.
So, in Yahoo the dot (period) DOES matter s o m e o f t h e t i m e ! If an email address is initially set up in Yahoo as firstpart.secondpart@yahoo.com then a login using firstpart.secondpart@yahoo.com and the established password will work BUT the following are ALL true. 1) trying to sign in to yahoo using firstpartsecondpart@yahoo.com without the period and using the correct password will result in a failed login because the password is deemed incorrect. 2) trying to create a new account using firstpartsecondpart@yahoo.com will result in an error that the account already exists. 3) sending email to firstpartsecondpart@yahoo.com will result in a bounced email. 4) Only by sending email to firstpart.secondpart@yahoo.com will succeed.
The dot in Yahoo Mail matters all of the time. You can conceptualize the dot as another character in the address.
I keep hearing about setting up Gmail filters to direct the sudden influx of junk that’s landing in my inbox directly to junk. Since the senders keep changing, is this a losing battle? I mark them all as “Junk,” but they just keep coming.
Filters really only work if you can come up with a really good definition for “email that has these specific characteristics”. The most obvious one is “sender = email address”. You’re correct, since spammers are constantly attempting to get past spam filters by changing the From: address, filters are rarely useful in this case. Mark as Spam is about all you can do.
As I understand it, marking an email as spam also blocks anything with that sender’s supposed email address in most if not all email programs and websites. Blocking works in cases where a company you’ve been doing business that thinks it’s OK to spam you or supposedly legitimate businesses spam your business email with offers.
Spam from a company you’ve been doing business with doesn’t fit the legal definition of spam, but it fits the dictionary definition of unsolicited email, and if marking them as spam labels them as spammers with email service providers, that’s what they deserve.
Although, they might not all block email addresses marked as spam. Free Scout, for example, allowed 3 identical tickets all with the same email address and subject through, even after I marked the first 2 as spam.
Right now FreeScout (our Q&A ticketing system) has an extremely small database of spam to learn from. Since it’s a local install it has access only to the items we’ve marked as spam. No idea how “good” its spam filter really is yet. Given how difficult a problem it is, my expectations are low.
It’s not a big deal in our case. We only get a few spams a day and it’s a similar amount of work marking a question as spam as it is to check the spam folder for false positives. I’m just wondering how a spam filter can get it so wrong as to allow 3 identical spam messages through after marking the first 2 as spam.
Hi! I came across this page because I, too, have an email address with gmail and i often receive emails intended for another person. They do not seem to be spam emails at all, but rather real emails regarding their business dealings and applications for employment, etc. My email address is “(first name).(last name)@gmail.com. The other email address is (first name)(last name)@gmail.com, without the dot in between first and last name. How do I contact Gmail to change my email address because I am tired of receiving irrelevant emails intended for this other person who has the same name as me. Or do I just have to create a new gmail address all together? I have tried to find a phone number to talk to a live person at Google but have been unable to successfully do so. Please advise.
Thank you!
Michelle
There is no one to contact at Gmail. This is one of the “costs” of free email.
I would recommend NOT changing your email address. If it really bugs you that much I’d set up a rule/filter to automatically archive or even delete any email that comes in destined for “(first name)(last name)@gmail.com”. (I recommend archive, since it’s also possible a legitimate contact of yours might forget the period. )
firstname.lastname and firstnamelastname in Gmail are the same address. Google ignores periods in email addresses. That being the case, the sender(s) appear to mistaking your address for theirs. I’d write the senders of those emails and let them know they are sending to the wrong address.