The Blog of Ian Mercer.

Protecting your customer database by including fake people!

Last week I received a spam email. The interesting thing about it was that it was sent to an email address that I used for only one purpose: signing up to a local startup's service. By using a unique email address for every site (and a catch-all to funnel them into one email box) I can track each email that I hand out. I hadn't even used that particular site since signing up and there was no recent email to or from them in my inbox.

But since I received spam on that email address I can conclude one of three things:

​1) My own computer has been compromised - unlikely since I would likely receive spam on all my email addresses if that were so. 2) Someone at that startup sold the customer database to someone else 3) That startup has had their security compromised and someone has stolen their customer database.

And so to the question:

What measures do you put in place in your startup to protected your customer database? Do you seed your customer database with fake names and emails so you can track how it is being used?

Seeding customer lists to track usage has been standard operating procedure for direct mailing lists for decades. Any list that you rent to mail to will have seeds in it that the list owner uses to track each mailing to ensure that it has been paid for.

As a startup, if you aren't seeding your customer database in this way, you should be.

Related Stories