Section 1: SPAM - What and Why
1.1) What: Unsolicited email
1.2) Why: To either advertise to you or to collect your email address now for future advertisements.
1.3) How: There is so many ways that the majority of this document addresses the "HOWs".
Section 2: Types of SPAM
2.1) Once spammers obtain your email address, they usually add it to their list and use automated software to send out emails. You can expect to receive 2 types of emails: advertisement emails and address validation emails. The remainder of this section outlines these 2 types.
2.2) Advertisement Emails: They are just that... emails aimed at selling you something.
2.3) Address Validation Emails: Once a spammer retrieves your address through one of a variety of methods, he/she will likely send out emails containing either just garbage text or a false advertisement to see whether or not your email server bounces the email back stating the address is invalid. If no bounce back email is sent, your address is assumed to be valid. The other method which is more accurate is to send a "Read Receipt" request with the email to you. If you have Read Receipts enabled in your email software, a confirmation that you received the email will be sent back to the spammer. NEVER enable Read Receipts.
Section 3: How Spammers Get Your Address
3.1) If you reply to the spam in any way to say something like "Please stop sending me emails", you have just given the spammers 100% certainty that your address is valid. Your address will then be added to a list of definite "Valid Addresses". That list will then be sold to advertisers at a premium price. NEVER reply to spam.
3.2) Many spam messages contain images which are used to validate your address without you even knowing it. The spammer's automated software first creates an image on their server with a unique name and then sends you an email containing a link to the image. Once you open the email and the image is displayed to you, their server logs are updated showing that you accessed the image. Since they only sent that unique image to you, they know it must have been you that accessed the image. Your address in now validated. Your address will then be added to a list of definite "Valid Addresses". That list will then be sold to advertisers at a premium price. NEVER set your email program to automatically display images in emails.
3.3) Spammers have software that automates the process of reading websites, newsgroups, mailing lists and just about any public place you can think of. If you advertise your address ANYWHERE, expect spammers to get it. If you use an online classified service, either choose a service that has email address protection methods in place or provide your telephone number as your only contact method. I could list a million examples of places your address might be found such as white/yellow pages, social group membership lists, website profiles, etc. but I would rather stress the fact that the more public your address is, the easier it is for spammers to get it.
3.4) Many people send emails to multiple recipients at the same time and put all the recipients' addresses in the either the To or Cc field. This is a VERY BAD practice because every recipient can see everyone else's address. The better way is to send the message "To" yourself and put all the recipient addresses in the "BCC" field which is the Blind Carbon Copy field. All recipients in the BCC field will receive a copy of the email but nobody will be able to detect that they received a copy, thus, eliminating the possibility of the addresses being collected by a spammer.
3.5) Often emails are sent to only "trusted people" so the BCC field is not used. This is not a good idea because your "trusted" recipients often find your email either funny or interesting or important enough to forward on to their "trusted" people. If they simply forward the message, all the addresses of your recipients are sent to all their recipients. The cycle continues on and on collecting more addresses each time. Eventually someone becomes the victim of an email address collecting virus or posts the email in some public manner or is a spammer themselves. In any case, all the addresses are in the hands of spammers. Sometimes spammers create legitimate (or non-legit) emails about virus warnings or other important info and make it look like it comes from an authority on the matter. The sole purpose of these emails is to get you to forward them on to everyone you know. They just hope you are not smart enough to use the BCC field.
Section 3: A few points to ponder
4.1) It is impossible to tell you all the ways to protect your email address because spammers keep getting smarter. All I can suggest is that you guard your address as carefully as you can. Personally, I stopped fighting the battle because the point of an email address to provide a means for others to contact you. If I can't give my address to anyone then there is no point in having the address. What I did opt to do is install SpamAssassin which is a FREE software program that does a VERY GOOD job of filtering out spam. I have a LOT of email addresses that are highly published; however, I read very little spam because the hundreds of spam messages I receive daily are filtered out before I check my inbox. SpamAssassin is generally installed on a server to filter all addresses on the server instead of just an individual address. Check with your email provider to see if SpamAssassin is available on their server. If it's not, ask them to install it - It's Free.
4.1) Don't believe what you see. When you send a letter through the postal service, you manually write the return address on the envelope. The "From" field in an email is just as easily forgeable. Just because it appears to come from someone does not mean that it actually does.