Remember when you needed an invitation to create a Gmail account? That moment in time when a Gmail account made you part of the secret society of digitally-based hyper-literates? I remember that moment as if it were yesterday, because that's when I secured an address like first.last@gmail.com (obfuscated, because I don't want to serve email addresses to robots on a platter, but you get the idea), an address I've been using as my primary email for over 15 years. Fast forward to the present and – bam – it turns out I'm not the only one claiming this address.

Or at least that's what some internet users think, that it's a common good, like first and last names.

For the past two years, I've been receiving emails intended for a mysterious alter-ego named firstlast@gmail.com – the same name, just without the dot. Escorts, orders for scooter wheels, accounts on betting sites, fishing equipment, life insurance, phone bills – the whole menu of online maturity.

Initially, I thought it was an elaborate phishing campaign. But no, these are real transactional emails. Sent to someone who, for reasons that belong more to clinical psychiatry, believes that firstlast@gmail.com is a valid address that will miraculously deliver messages to them just because they want it to.

Spoiler: Gmail doesn't give a damn about your dots

Here's the trick: Gmail treats versions with and without dots of an address as one and the same. So first.last@gmail.com is the same thing as firstlast@gmail.com or even f.i.r.s.t.l.a.s.t@gmail.com. Everything ends up in the same inbox. Mine.

But websites and online stores are, for the most part, clueless. For them, first.last and firstlast are two completely separate, autonomous entities, and they'll happily create a new account and honor the order placed (and paid for) by the "impostor" – the only problem is they should validate control over the address through a token link or OTP code. But why add friction to the sales process? Money is floating in the air, and email verification is a minor detail that just gets in the way.

And so I became the owner of firstlast@gmail.com's correspondence – a digital double with fetishes for teenagers on dating sites and online casinos. Uninvited, unasked, slightly amused.

Welcome to your digital life. I'll be your guide.

It's quite a strange feeling when you check your email with your own login credentials and discover bills in your name, but in other cities – or even other countries. This is where the truly inexplicable begins: the individual who gives my email address as their own has also recommended it to family. I've received emails for their uncle, their wife, and at one point, even for the family dog.

In this bizarre correspondence, I've come across all kinds of identity documents. Home addresses. Insurance policies. Birth dates. I've been one thought away from initiating SIM swaps or account resets. Ethically, it's not right to do it. Legally, not so much either. But let's be honest: if I were a malicious person, I could take over a large part of their online lives (and eminently, their physical ones too, because nothing hurts physically more than a luxury upgrade to your phone subscription, Netflix, or whatever services you have associated with that email, dude).

This whole thing is like a phishing campaign where the victim voluntarily gives you all their data and asks if you want a blowjob on the side. It's not social engineering. It's not malware either. Just poorly managed identity and zero understanding of how email addresses work.

I tried to help. It didn't work.

At first, I tried to cancel orders. I replied to vendors: "This email address doesn't reach the person you're targeting." I begged an auto insurance company to delete the account. Some complied. Others sent me new offers. At one point, I was receiving monthly bills for someone else's life insurance. If that guy dies, do I get the money?

Eventually, I gave up. Now I observe from the shadows the movements and online preferences of (at least) one individual who bears my name and who also covets my email address.

So what do we do now?

This whole story is more than an amusing anomaly. It's a warning. A good part of the population exists quite well on this planet convinced they own inboxes that don't belong to them, creating accounts, uploading documents, ordering scooter parts – all while ceding digital control to strangers.

And Gmail? There's no way it can help you. There's no "report mistaken identity" button. You can't block variants of your address. The system works exactly as it was designed. And that's the scariest part.

What you could do (and what I will NOT do)

Technically speaking, I could take over their accounts. Reset passwords. Change their delivery addresses. Cancel insurance policies. But I don't. Not because I'm a model citizen, but because I don't have time for that. I can barely read (and sometimes respond to) my own emails.

But all this chaos underlines how fragile online identity is. One mistake in an email field during registration and you've handed your life over to someone else.