loginradiusloginradius Blog

How to secure an email address on your website

Harvesting bots are here to stay. Luckily, there are a few ways to hide your email address from spammers and hackers who constantly mine for the same. One way is through email harvesting. Let's talk about what it is and then explore the various ways to secure your email address.

The present-day internet is a hotbed of spammers and hackers, and you need to secure your email address. Hackers often scan websites and web pages to extract genuine email addresses and exploit them to attack users with spam messages.

This should really concern you because many of these spam emails carry potential malware. When you open your mail or click on a link that contains it, the malware gets naturally downloaded to your system.

For example, let's assume you have entered your email address on a website's contact page, then there's a big chance the email harvesting bots have found it. Thereafter, they start flooding your mail-box with spam emails.

Luckily, there are a few ways to hide your email address from such spammers and hackers who constantly mine for the same. One way is through email harvesting.

Let's talk about what it is and then explore the various ways to secure your email address.

What is Email Harvesting

Email harvesting is the process of collecting lists of email addresses via different methods. Generally, it is used for bulk emails or spam. Hackers use "harvesting bots," which crawl multiple sites, chat rooms, web forms, etc., in a few seconds to extract a list of email addresses.

Other techniques include:

  • Posting into UseNet with email addresses.
  • Gathering data from white and yellow pages.
  • Accessing the same computer used by valid users.
  • Accessing emails and address books on another user's computer.
  • Spamming through social engineering.
  • Buying lists from other spammers.
  • Hacking websites.
  • Using the method of guessing and cleaning.
  • Hacking mailing lists, webpages, web browsers, Internet relay chats, domain contact points, etc.

These methods allow spammers to gather email addresses and use them to send unsolicited bulk messages to the recipient's inbox.

6 Tips to Secure Your Email Address on a Website

1. Hide your email address while logging in.

One of the major mistakes committed by beginners is that they display their email address. If you are tensed and stressed about online hackers and threats, there is one solution you can always opt for.

You can always avoid listing your email address on various vague websites. Instead, you can use contact information through which genuine users can contact you.

2. Obfuscate your email address.

Add an obfuscate plugin puzzle to your email address so hackers cannot identify it. With the help of such plugins, you can replace your email address with codes. These plugins secure your email address from hackers and do not affect the user's usability.

3. Use a password manager.

Use a reliable password manager to change and replace all your passwords with solid, unique ones. We cannot sufficiently stress the importance of using strong passwords to secure your email address.

Hackers use credential stuffing where they literally jam previously stolen usernames and passwords to break into accounts on various services.

This is possible because a huge proportion of online users still use the same username and passwords across multiple accounts.


4. Use two-factor authentication or MFA, wherever possible.

When you set up your account passwords, look out for two-factor authentication (2FA)/ MFA as well. They are additional security layers that you can apply to prevent resets of unauthorized passwords significantly.

Whenever a hacker attempts to break into your email, you are notified and control the authority to accept or reject such attempts.

5. Replace your email address.

If you are not satisfied with any of the above solutions to secure your email address, you can always replace it with "". This would take the user directly to your contact page when they click on the email. This not only prevents tons of spam but also protects you from hackers.

6. Prevent email harvesting.

The following techniques can be used to prevent email harvesting:

  • Convert your email address into an image.
  • Merge your email address by changing the "@" sign to "at" and the "." sign to "dot."
  • Use the email contact form wherever possible.
  • Use email obfuscation in JavaScript. The email address will appear scrambled, encoded, or obfuscated in the source code.
  • Use HTML for email address obfuscation.
  • Prompt users to enter the correct CAPTCHA before revealing the email address.
  • Using a spider trap to combat email harvesting spiders.
  • Conduct mail server monitoring. This approach can be applied to the email server of the recipient. It dismisses all email addresses from any sender that specifies more than one invalid recipient address as invalid.


Harvesting bots are here to stay; thus, you must take appropriate measures to secure your email address. You can implement the above methods so that you don't become a victim of spammers and hackers in the long run.

Although it may take a while to get the hang of them, the results are worth spending time on.


Deepak Gupta

Written by Deepak Gupta

Deepak is the CTO and co-founder of LoginRadius, a rapidly-expanding Customer Identity Management provider. He's dedicated to innovating the LoginRadius platform. He loves foosball and winning poker games!

LoginRadius CIAM Platform

Our Product Experts will show you the power of the LoginRadius CIAM platform, discuss use-cases, and prove out ROI for your business.

Book A Demo Today