Organizations can buy a legitimate commercial email list in several ways. Infosec pros should develop relationships...
with marketing departments, and integrate themselves into their projects. This doesn't mean constant communication about all of the details, but if there is a question of technology use, the IT department should take action to ensure the information security risk is minimized for the organization. This could mean explaining to the marketing department that using the list they bought on the black market could have negative repercussions, such as reputation loss or being put on spammer blacklists. Companies can also buy or rent a list through legal means, or get access to addresses by sponsoring an event like a seminar or conference and making it clear the participants' contact information is going to be used for marketing purposes related to the event.
Make sure the marketing department is only purchasing lists from legitimate businesses, and scrutinize the terms and conditions under which the email addresses were collected. Then, be sure to honor the original terms and conditions when sending commercial email to the list.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Nick Lewis
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to ... Continue Reading
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common... Continue Reading
A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.