Want to prevent spammers from collecting the email address you use on your website?

You want to use your email address so your viewers have a way to contact you if they have any comments or questions. Therefore, you must place a “mailto:” link on your web page.

The problem is that one of the main methods spammers use to obtain email addresses is to send a bot onto the Internet whose primary goal is to find email addresses. The spam bot does this by looking at the HTML encoding that the browser uses to display the web page. It then saves the email address it finds after “mailto:”.

The two most common methods of “hiding” the email address:

  • Munging. In this method, the email address is not included in a link. Rather, it is supposedly hidden from bots by substituting words for various parts of the address. Example: johndoe at hotmail DOT com
  • Coding. The easiest way to do this is to use standard ASCII encoding to replace each letter or symbol in the address with its ASCII code. For example, the simple email address [email protected] would look like: & #97; & #64; & #98; & #46; & #99; & #111; & #109; (spaces added to prevent your browser from printing the actual lyrics)

The mailto: link can still be used, as the browser recognizes this code and prints the actual address on the web page.

These methods no longer work.

These methods may have worked when they were first introduced, but the intelligence of the hackers who program the spambots should never be underestimated. There are new bots that can crack both email encryption techniques.

These two methods by no means exhaust the possibilities. A Google search for “hide email address” returns over two million results. Even discounting duplicate methods, there are certainly quite a few nifty techniques available.

So what can I do now?

Without reviewing all of Google’s entries, I can predict beyond a reasonable doubt that the method I use does a better job of protecting your email address than any other. How can I be so sure? Because I doubt any hacker would have the time or the skill to write a bot that would let him get my email address, it’s so well hidden!

The method I use hides the address in a javascript which is in a separate web file in a completely different folder on the website. It does not appear anywhere in the HTML code of the web page. However, it DOES appear on the web page itself, where anyone can see it. but the bot has no eyes!

I hear you say, “But that’s impossible!” Well, it isn’t. Just visit the website in the paragraph below, and you can find out how it’s done.