Again I lack a good title but both will serve nicely for this one.
These days it’s very easy for me or anyone who knows you to collect sensitive contact information about your customers, sales reps, fabric sources, sewing contractors and finances. Best of all we don’t even have to ask for it because you just send it to us. It’s harmless to send it to me (I know for a fact that others have copied and pasted your juicier data into a database for their own use) but do you really want everyone -including your competitors- on your contact list to have that? I didn’t think so. What’s most shocking is who is doing it; everyone from computer neophytes to Ph.Ds in computer science.
So how is it that you are sending your most privileged sensitive business contacts to everyone you know however casually? That’s easy, you’re not using BCC from your email window. This is the rule: if you’re sending email to multiple recipients, use the BCC option. Never put the email addresses of people who don’t know each other in the To or CC fields. The only exception is by explicit or implied pre-agreement in that every recipient has the need to communicate with everyone else in the group.
Here’s how it happens:
Someone you’ve emailed has an infection. A spam harvesting program reads the email addresses in the CC field of your email and responds by spamming everyone in that list. What’s worse is if you send an email to your entire contact list with an apology and disclaimer which negates your own apology if you also didn’t use the BCC option. Meaning, anyone who receives your message has the email address of every other recipient and people’s reactions will range from annoyed to offended to very angry. If anyone receiving your CC’d group email has an infection, the cycle starts all over again because they spam everyone in your contact list.
Other than the damage you can do to yourself, it creates two problems.
1. You are violating every recipient’s privacy and exposing them to spam.
2. Your security breaches are akin to forcing everyone you email to have unprotected group sex with everyone else you email. Their only connection to each other is that they each know you.
My policy now is that if I get a spoofed spam email from you with multiple addresses in the CC field, I delete it unless it is obvious the entire list came from you -in which case I mark it as spam. It’s easier to know the list came from you than you’d imagine (we know many of the same people). If that ambiguity is removed because I get an apology email from you with your entire contact list in the CC field, I can safely add your address to my blacklist because your poor security practices are confirmed and it’s not fair to expose me to more spam. If it matters, I don’t do this happily.
When I’ve explained this to people they insist there is no BCC option in their email window. I don’t believe there is an email program in existence without it. You just haven’t noticed it. Look for it.
A related mechanism is now at work on Facebook and it is even more annoying. Someone will add X number of their contacts to a conversation and then anyone who was added (without their consent) receives updates from people they don’t even know whether they’d wanted to be included or not. I solve that by unfriending whoever it was who added me without my consent. The only saving grace is you don’t get too many emails because the people who tend to do this don’t have many friends. Somehow I don’t think that is a coincidence. They probably bleed friends.