- Impact
- 564
I called it "dot com leak" when users typed a dot com domain names instead of the intended extensions.
As I develop my projects, I setup catchall email service for some of my .com domain names . unbeknownst to me, I started to receive emails to these email boxes.
At first I thought they were just random spams, but soon I realized people habitually typed in the .com domain name instead of .net, .io, .ai, .co, and even typo .com's.
Some of the emails I received were harmless, for example, signup for newsletters, promotions from Sears. But then I started to get confidential pricing spreadsheets, password reset requests, 2FA codes,
The oddest one was from Nike China, a private sale notification, which can only be describe as someone was trying to goose the signup numbers as I keep receiving new member welcome emails with different email addresses.
Do you have a similar experience with your catchall email?
As I develop my projects, I setup catchall email service for some of my .com domain names . unbeknownst to me, I started to receive emails to these email boxes.
At first I thought they were just random spams, but soon I realized people habitually typed in the .com domain name instead of .net, .io, .ai, .co, and even typo .com's.
Some of the emails I received were harmless, for example, signup for newsletters, promotions from Sears. But then I started to get confidential pricing spreadsheets, password reset requests, 2FA codes,
The oddest one was from Nike China, a private sale notification, which can only be describe as someone was trying to goose the signup numbers as I keep receiving new member welcome emails with different email addresses.
Do you have a similar experience with your catchall email?