Ask Slashdot: Someone Else Is Using My Email Address

periklisv writes: I daily receive emails from adult dating sites, loan services, government agencies, online retailers etc, all of them either asking me to verify my account, or, even worse, having signed me up to their service (especially dating sites), which makes me really uncomfortable, my being a married man with children... I was one of the early lucky people that registered a gmail address using my lastname@gmail.com. This has proven pretty convenient over the years, as it's simple and short, which makes it easy to communicate over the phone, write down on applications etc. However, over the past six months, some dude in Australia (I live in the EU) who happens to have the same last name as myself is using it to sign up to all sorts of services...

I tried to locate the person on Facebook, Twitter etc and contacted a few that seemed to match, but I never got a response. So the question is, how do you cope with such a case, especially nowadays that sites seem to ignore the email verification for signups?
Leave your best answers in the comments. What would you do if someone else started giving out your email address?

Reverse the role

When you find you have been signed up for a legit company site. Go to the site using your email and press the forgot password on the site. When you get the email back, log on and maybe you can get the information that you need to track him down.

It's probably not one person.

[mellon]

The problem is that there are so many people that just a typo will do it. This is why big email aggregators are a bad idea (there are reasons why they are a good idea, of course, or they wouldn't exist, but this is one of the reasons why they aren't).

Unfortunately there is no way to prevent these--there's no test that will reveal them as errors.

Obligatory XKCD

https://www.xkcd.com/1279/

Take over!

[mhkohne]

If this person has used your e-mail for his sign-ups, it should be possible for you to take over their accounts by doing password reset.
Do so.
Change the passwords and lock them out.
Shut off any functionality that annoys you, or that costs them money, but try to leave the account intact so they can't re-acquire it.

They'll be forced to re-acquire the account with an e-mail they actually control, at which point perhaps they'll stop accidentally hassling you.

Of course, have a talk with your spouse before doing this, you don't want to create drama at home.

Ditto. There's nothing you can do

[seoras]

Back in '97 I registered a personal domain [firstname][lastname].com and I have a very common Anglo name.
Email address is [firstname]@[firstname][lastname].com

There's a real estate agent in Florida who's been happily giving out my email address to clients, lawyers, banks etc for a decade now.
I've had very personal information emailed to me, bank loan applications etc.
I even had one person start an email fight with me, refusing to believe I wasn't who they thought I was, which I ended by point them at the "whois" ownership record of my domain.

There's nothing I can do about it, nor can you. Just delete the emails that come in and filter. Or create a new email account.

The year before I registered my email address I had been using [lastname].freeserve.co.uk which was the UK's first large scale ISP.
I had some idiot email me a plan to rob their local supermarket which I passed on to the authorities...

Re:Reset the password on the accounts.

[ShaunC]

Yes, exactly. I have the same problem with my Gmail account. Over the years many hundreds of people have mistaken it for their email address, distributed it far and wide, and entered it into all sorts of things. Sometimes I just let it go, especially if a site only sends one "thanks for registering" email. I hit delete and move on. But if the service is a particularly spammy one, I'll use the "forgot password" link, login, change the password, turn off all email-related options, etc.

I used to look for an option to delete the account entirely, but that invariably led to the same people signing back up for the same services again. Occasionally I'll try to do the other guy a favor and tell the sender that they have the wrong address. It usually isn't worth the effort. Someone has a Royal Bank of Scotland account registered to my email and no amount of emailing, filling out their contact form, or tweeting at them ever did any good so I just filtered that domain out.

Not much you can do about people sending random unsolicited communications, though. I've received some really interesting misdirected mail over the years, including some stuff from the European Space Agency, and being cc'd on an NFL player's contract negotiations with a new team.

Re:I have a similar problem

[LostOne]

I think you'll find this turns out *not* to be true. What is significant in the "local part" of the email address is *up to the local system* as long as it is in the set of characters that are permitted. Of course, Google (and anyone else for that matter) is perfectly allowed to ignore dots in the local part. But everyone is also perfectly allowed to treat them as significant.

Also, your wiki link does not back up your assertion that "A.BC" and "ABC" must be the same mailbox. It only gives rules on where a dot can appear unquoted in the local part. It does not say that it is to be ignored when routing.

Additionally, decades of operational practice on the Internet also directly violates your assertion. Dots have *always* been potentially significant for a local part. They were required for compuserve addresses back in the beginning, for instance.

NOTE: I am NOT saying that Google is doing things wrong. What they are doing is allowed. They are free to interpret the local part however they want. However, they are NOT required to ignore dots.