Most of us sign up for things online without thinking too much about it.
A shopping discount.
A free download.
A newsletter.
A random account we only need once.
Then, a few weeks or months later, the spam starts.
Suddenly your inbox is full of offers, fake promotions, suspicious “limited time” deals, and emails from companies you do not remember giving your information to.
The annoying part is not just the spam itself.
It is the question behind it:
Where did they get my email?
There is a simple trick that can help you figure that out.
The “middle name” trick
When you sign up for a website, you often need to enter your first name, last name, and sometimes a middle name.
Instead of leaving the middle name blank, you can use that field as a small tracking label.
For example, if you sign up for a website called ExampleStore, you might enter:
- First name: John
- Middle name: ExampleStore
- Last name: Smith
Later, if you receive an email addressed to “John ExampleStore Smith” from a company you do not recognize, you have a clue.
That does not always prove the original website sold your data. But it does tell you that the version of your information you gave to that site ended up somewhere else.
That is useful.
Because instead of wondering where the spam came from, you now have a starting point.
Why this works
Most companies store the details you provide when you create an account.
Your name, email address, phone number, location, birthday, and other profile information may end up in customer databases, marketing tools, analytics platforms, customer support systems, or third-party services.
In a perfect world, that information would stay private and secure.
But in reality, data can spread in many ways.
A company might share it with marketing partners.
A third-party tool might get breached.
A mailing list might be poorly protected.
A database might be sold, scraped, leaked, or misused.
By slightly changing the information you give to each website, you create a kind of “data fingerprint.”
If that exact version appears later in spam or marketing emails, you know which account it likely came from.
Another method: email aliases
A lot of people use a similar trick with email addresses.
If you use Gmail, you can often add a plus sign and a label after your username.
For example:
yourname+examplestore@gmail.com
Emails sent to that address should still arrive in your main inbox.
So if you later receive spam at yourname+examplestore@gmail.com, you know that address was connected to ExampleStore.
This method is simple and easy to search in your inbox.
You can create labels like:
yourname+amazon@gmail.comyourname+newsletter@gmail.comyourname+fitnessapp@gmail.comyourname+freebie@gmail.com
Then, if one of those addresses starts receiving junk mail, you know where to look.
But there are limits
This trick is helpful, but it is not perfect.
Some websites do not allow plus signs in email addresses.
Some companies may remove anything after the plus sign.
Some spam may come from data breaches rather than intentional selling.
Some emails may come from legitimate third-party services used by the original company.
So this is not always a way to “catch” a company doing something wrong.
It is better to think of it as a tracking habit.
You are giving yourself more visibility into where your personal information travels.
A more reliable version: use email aliases
If you want a cleaner setup, you can use dedicated email aliases.
Some email services let you create different aliases for different purposes.
For example:
shopping@yourdomain.comnewsletters@yourdomain.combanking@yourdomain.comapps@yourdomain.com
Or, if you own a domain name, you can create unique addresses for each website:
amazon@yourdomain.comnetflix@yourdomain.comfitnessapp@yourdomain.com
This gives you more control.
If one address starts receiving spam, you can block it, filter it, or shut it down without affecting your main email address.
This is especially useful for people who sign up for a lot of online tools, newsletters, trials, shopping sites, or downloadable resources.
What you should not do
Do not use fake or confusing information for important accounts.
For banks, government services, insurance, healthcare, tax accounts, travel bookings, and anything involving identity verification, use your real legal information.
The tracking trick is better for lower-risk accounts, such as:
- newsletters
- shopping sites
- free trials
- online communities
- software downloads
- coupon websites
- general apps
You do not want a small privacy trick to create problems when you need customer support, account recovery, billing verification, or legal documentation.
A simple system you can start using today
Here is a practical version:
For casual sign-ups, add the website name as a middle name or company name if the field is optional.
For email, use a plus address when the website accepts it.
For example:
yourname+sitename@gmail.com
For higher control, use a dedicated alias service or your own domain.
For important accounts, use your real information and keep security strong.
That means using:
- unique passwords
- a password manager
- two-factor authentication
- fewer unnecessary sign-ups
- regular email filters
- separate email addresses for different purposes
Privacy is not about hiding everything.
It is about reducing how much of your information spreads without your knowledge.
The real lesson
The best part of this trick is not that it exposes one specific company.
The real lesson is this:
Every time you sign up for something online, you are handing over a small piece of your identity.
Most of the time, you never see where that information goes.
A tiny label — in your name field, email address, or account details — gives you a way to follow the trail.
It will not stop all spam.
But it can help you understand your digital footprint better.
And sometimes, that small bit of awareness is enough to make you more careful about where you enter your information next time.
