Email Tumbling – What is It?

Email tumbling is a way of filtering incoming emails using variations of a specific gmail address. For tumbling an email, users only have to insert a “+” or “.” into the pre-section of their email before adding other text. While this might be helpful to consumers in some regards, it could allow vehement abuse from fraudsters also. For example, a consumer can tag an email for a specified site as JohnSmith+1122233OnlineRetailerName@gmail.com, which would allow them to know that they had shopped online with a specified merchant on that day. However, this also becomes a benefit to fraudsters, as it allows them to commit fraud over and over on one account multiple times.  Using this method, a fraudster can submit forms or transactions multiple times with the same email.

Email tumbling can also refer to the use of sequential email addresses when it comes to fraud. For example, organized fraud transactions can go through multiple emails with sequential numbering.  A fraudster automatically generating email addresses can often look like johnsmith01@, johndsmith02@, johnsmith03@, dealing multiple transactions to these emails. 

Email Tumbling Infographic

What are Some Solutions?

One way to prevent such scams from happening is identity and address verification. To prevent multiple transactions from occurring, Fraud.net incorporates dozens of data attributes on shipping and billing addresses, phone numbers and email addresses. IP address verification, as well as data mining. Preventing fraudsters from taking advantage of email tumbling can be automated into your business’s fraud prevention services.