Unmasking Data Sellers

How to Use Honeypot Email Addresses

By Christopher Robison


Ever wonder how your inbox gets flooded with promotional emails from companies you’ve never heard of? Chances are, your data is being sold or shared without your explicit consent. But how can you find out which websites are the culprits? In this post I explain how to setup a honeypot email address to catch data-selling websites red-handed.

What is a Honeypot Email Address?

A honeypot email address is a decoy email that you use exclusively for signing up on websites, newsletters, or online services. The idea is simple: if you start receiving unsolicited emails to that address, you know that the website you used it on has likely sold or shared your data. If you own your own domain[s] and can setup email aliases then you can too can investigate who is selling you out.

How to Set Up a Honeypot Email Address

Setting up a honeypot email address has varying levels of difficulty, depending on your expertise, your ISP’s tools and mostly your ability to create many unique email aliases or accounts. This requires a domain that you control that receives email that you can configure or a whole lot of gmail accounts.

Step 1: Create a New Email Address

Create a new email address that you’ll use solely as your honeypot. This should be separate from your personal or work email to avoid any confusion.

Step 2: Use Aliases

Many email providers like Gmail allow you to create aliases by appending a plus sign and additional text to your email address (e.g., yourname+website@gmail.com). This way, you can track which website the spam is coming from.

Step 3: Sign Up

Use this honeypot email when signing up for newsletters, online services, or any website that requires an email address.

Step 4: Monitor

Keep an eye on the inbox and take note of any unsolicited emails. If you start receiving spam, check the alias to identify the source.

Benefits of a Honeypot Email

  1. Accountability

    By identifying which websites are selling your data, you can hold them accountable and opt to discontinue using their services.

  2. Awareness

    It raises awareness about the extent of data selling and sharing that occurs behind the scenes.

  3. Control

    It gives you more control over your personal data and who has access to it.

Limitations and Considerations

  1. Time-Consuming

    Setting up and monitoring multiple honeypot emails can be time-consuming. What are you getting in return and what is that worth to you?

  2. Not Foolproof

    Some savvy data sellers may strip email aliases or use other methods to obfuscate the source.

  3. Legal Ramifications

    While it’s tempting to publicly shame companies that sell your data, be cautious. Accusations could have legal ramifications, so it’s best to approach the company privately first.


Honeypot email addresses are a clever and effective way to find out who’s selling your data. While it’s not a perfect system, it does offer a level of control and awareness that can be empowering for users. So go ahead, set up your honeypot, and start unmasking those data sellers. Knowledge is power, especially when it comes to protecting your personal information.


Leave a Reply

Comment? Suggestion? Just plain mad? Why not Leave a comment and let everyone know what you're thinking. Your email address will never be shared or published. Required fields are marked *