When the email lands in the wrong inbox... and someone is watching.
In 2020, I bought a domain and configured a catch-all email for it. Then the emails started rolling in. Lots of them. Thousands. From people and companies that never intended to contact me. Some funny. Some sensitive. All unexpected.
Wrong Inbox is a project to explore what happens when placeholder domains, lazy defaults, or misconfigured systems send real-world emails into the void. Only this time, the void replied.
Every example is carefully redacted to protect identities and sensitive information. This isn’t about doxxing. It’s about awareness and the surprisingly common digital mistakes that leak data without anyone noticing.
I’m working on publishing a curated archive of interesting (and anonymized) misdelivered emails, charts of volume trends, and breakdowns of who’s still using placeholder addresses without thinking.
Have a story about a weird email you received? Want me to check if your org is leaking to a ghost domain? Email me at: hello@wronginbox.com