Accidental Honeypot. Intentional Curiosity.

In 2020, I bought a domain and configured a catch-all email for it. Then the emails started rolling in. Lots of them. Thousands. From people and companies that never intended to contact me. Some funny. Some sensitive. All unexpected.

What Is This?

Wrong Inbox is a project to explore what happens when placeholder domains, lazy defaults, or misconfigured systems send real-world emails into the void. Only this time, the void replied.

Redacted & Respectful

Every example is carefully redacted to protect identities and sensitive information. This isn’t about doxxing. It’s about awareness and the surprisingly common digital mistakes that leak data without anyone noticing.

Coming Soon

I’m working on publishing a curated archive of interesting (and anonymized) misdelivered emails, charts of volume trends, and breakdowns of who’s still using placeholder addresses without thinking.

Talk to Me

Have a story about a weird email you received? Want me to check if your org is leaking to a ghost domain? Email me at: hello@wronginbox.com