It is created by using the mailto protocol.
<a href="mailto:my@email.com">Send an email to my@email.com</a>Leaving the email address exposed like that will allow bots to capture the email address and send spam email to that address. A solution is encrypting the email address using JavaScript. Another alternative is the use of a contact form on the website instead of an email address.