Typoed email addresses
By creating web domains that contained commonly mistyped names, the investigators received emails that would otherwise not be delivered.
Over six months they grabbed 20GB of data made up of 120,000 wrongly sent messages. BBC News
The focus of the article is on how companies are opening themselves up to security holes. While most marketing email doesn’t come with security risks, some of it does. For instance, some companies require a user type their email address in to reset a password. If the user typos the email address, the password can be sent to a completely unrelated third party. Depending on what information is stored in the account, some accounts have credit cards, for instance, this can be a problem for the customer.
All senders should think about the security implications and go through account processes with an eye for “how can a typo cause problems?”