Email from a company whose website I was browsing

Hello,

I was wondering how an online retailer could have gotten my email address. I was browsing at their website yesterday, and this morning I received an email from that retailer. I had not subscribed to any emails from them. I do not have an account with them, and I did not provide them with any information, other than the item I was searching for.

I did something I shouldn't have done, clicked the 'unsubscribe' link in the email, and I was taken to that retailer's page, where it said they did not have my email address in their records. The page looked legitimate, and I did scan the URL at Virus Total.

I've cleared the cache from the browser, Firefox, but my options were to clear for today or to clear ALL of it. I just cleared today's.

I'll be doing a scan of the computer anyway now. I do, however, tend to think the email was ok. My main question is: How would they have obtained my email address when I didn't give it to them?

The retailer in question is Lee, as in the clothing company in the U.S.

It's possible they share a tracking provider with other sites. From a quick look at the source I see this array:

["124_rivington", "reebok", "lucy", "design_within_reach", "abt", "calvin_klein", "northern_tool", "we", "nat_geo", "prana", "cvs", "brooks_brothers", "servermonkey", "smartpak", "steve_madden", "express", "yamibuy", "vans"]

Did you happen to have been logged in to one of those sites?

@Dalchina: The email looks completely legitimate in every detail. It also matches the graphics and discounts mentioned on the web page.

I just sent them a Facebook message, I’ll see what they say. I did ask if the email address leejeans@e.lee.com is theirs.
@PolarNettles: I wasn’t logged into any sites that looked like that. I think I had an Amazon page open on another tab, however.

I’ve had a couple of incidents in the past where I was on an online retailer’s web page and then later received an email about the exact item I had been looking at, but in those cases, I knew these retailers did have our email address and we were on their mailing list. It still kind if creeped me out to be tracked that way, but they were retailers we had purchased from.

Just looked into how to view full headers in Outlook, I’ll do that when Malwarebytes is finished scanning my rig.

Good news, the IP checks out, looks legit. 😊

I would be interested to know how they got my email address, though. And if there is a way to avoid that sort of thing in the future.

Websites often share email addresses with others. Often they will ask permission but not always. Beyond being careful about who you give your email address to there isn't much you can do.

LMiller7 said:

Websites often share email addresses with others. Often they will ask permission but not always.

Is that really legal/normal in Canada?

If TenForums gave Lee Jeans my email address without my consent for example that would definitely be illegal (under EU law anyway). You can't even share cookies without getting a explicit agreement - that is what the whole boring GDPR pop-up thing is about.

Smiley1 said:

... And if there is a way to avoid that sort of thing in the future.

One way would be to disable Javascript on your browser, which is quite impractical these days. Another would be to install anti-tracking addons on your browser to minimize - but not totally stop - similar attempts.

I donot know whether the following experience is similar to your issue.
Some time ago I browsed in a retailers website for a certain product. After that, I browsed in a newspaper website. In their window, an add appeared with the product I browsed earlier. I wondered how the newspaper knew about my earlier browsing. Answer: third party cookies. Thereafter, I disabled them in Firefox.