In digital promotions and contests, integrity and fairness are fundamental values to ensure that all participants have a fair experience. However, there is a bad practice that threatens these bases: the use of temporary emails. In this article, we will explore what this fraudulent practice is, its implications, and the threat the newly created time domains represent.
Temporary Emails: What are they and why are they problematic?
Temporary emails are email addresses that are created for the sole purpose of using them for a limited period of time. These addresses are commonly used in online contests or promotions when users try and avoid the restrictions and rules established by platforms such as Easypromos.
Promotion organizers usually enable the option to verify the email address entered by the user. This solution consists in sending an email with a verification link to the address entered. If the user clicks the validation link from their inbox, we make sure that the user has entered an email address that is capable of receiving an email, is in use and that the participating user also has access. The address in this case seems legit.
However, temporary emails were created to bypass this control. Using a temporary email is really easy, and is widely used by users who oftentimes participate in online contests. There are thousands of websites that offer these services: yopmail.com, temp-mail.org, etc.
Users who resort to this practice can generate multiple temporary email addresses to increase their chances of winning in the promotion. This strategy not only threatens the integrity of the contests, but can also have negative consequences for the brand's reputation and user trust in the platform.
How can the threat of temporary emails be combated?
The issue is combated by maintaining an updated list of all temporary email domains. There are currently tens of thousands of domains identified as temporary emails. Easypromos maintains an database of these domains that is constantly updated, and in addition each new domain that enters the platform is verified against external services specialized in detecting these temporary domains. However, there is a real threat, which is the newly created temporary domains, which have not yet been identified by these databases.
The threat of newly created temporary domains
Internet services that offer temporary email addresses work with already created email domains: mailinator.com, temp-email.org, 10minutemail.com, etc.
But these services also allow users to link new domains. This means that a user can buy a new domain, link it to these services, and start using it as a new temporary email. It will still take a few days or hours for security services to detect this new domain and add it to their databases.
These domains are extremely easy to create and use, requiring little time and resources. Malicious participants can take advantage of this ease of process to create email addresses with temporary domains that can go undetected for a short time.
Detecting these domains can be challenging, as detection algorithms can take time to identify behavioral patterns and characteristics associated with fraudulent practice. During this time, dishonest participants can take advantage of the vulnerability.
How Easypromos addresses this threat
At Easypromos, we are committed to integrity and fairness in our contests. We implement proactive measures and advanced detection tools to identify and prevent the use of temporary emails and newly created domains. The main tool is the security center, which sends alerts to the Easypromos security team and the promotion organizer when the use of a temporary email is detected, and includes an analysis tool for the emails used by users and their distribution. This helps to identify the use of new domains.
It is easy to identify if a domain is newly created, by the format of the email, since normally the first part of the email uses random alphanumeric strings.
Our technical support team is constantly working to improve these measures and ensure a safe and fair experience for all participants.