This is why double opt-in is best practice. They enter their email address, and you send them an email with a link they have to click to confirm sign-up. It makes it impossible for somebody to sign somebody else up.
Even with the best of intentions, somebody with the email address jim@example.com might inadvertently enter kim@example.com. You don’t want to lose Jim and you don’t want to spam Kim. So the outcome of entering an email address in a form should always be “now check your email to confirm”.
Even with the best of intentions, somebody with the email address jim@example.com might inadvertently enter kim@example.com. You don’t want to lose Jim and you don’t want to spam Kim. So the outcome of entering an email address in a form should always be “now check your email to confirm”.