Our privacy and personal data are under attack daily. And email addresses are some of the most vulnerable of your data points. The following popular websites have been recently hacked and the email addresses customers used to login compromised:
- MySpace with 359,420,698 email addresses affected
- Yahoo with over 1,000,000,000 email addresses affected
- LinkedIn had 164,611,595 email addresses affected
- Adobe saw 152,445,165 email addresses affected
- Dropbox with 68,648,009 email addresses affected
- Tumblr had 65,469,298 email addresses affected
And this is just a small list. If you think your email is only a disposable account, you may be surprised to find out what nefarious activities your email address can be used for:
- Your email address can be sold to marketers who will spam you with no regard for CAN-SPAM laws set by the FTC that prevent spammers from marketing to you without your consent.
- Hackers can access your email address password to impersonate you to collect personal information from friends and even your employer.
- View your email history to scan for online accounts like bank accounts, phone services, credit card statements and other personal information.
- Request password resets for bank account logins, social media accounts and more using your hacked email address.
Here are three common ways your email address is vulnerable and what you can do about it by using email security best practices.
1. Using your email address as an account login
Most companies have safeguards to keep your personal information safe. But as explained above, even the largest companies experience security breaches. Don’t rely solely on a company to safeguard your personal data and take email security into your own hands.
Email security solutions: Check your email address for data breaches at haveibeenpawnd.com. Simply enter the address and no other personal information to check against a database of compromised services. The website will list which companies may have been exposed to email security breaches and when. If your email address has been breached, change your password to a strong password that can’t be easily figured out.
2. Becoming a victim of a phishing scam
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Sophisticated phishers will send you an email requesting additional information and make it appear it’s coming from a reputable company.
Email security best practices: Look for red flags in the email like typos and other grammatical mistakes that appear unprofessional or uncharacteristic of a major company. Do not open any attachments and never disclose private information like login, credit card numbers, date of birth, etc. When in doubt, contact the company directly and not through any provided links.
According to Chase Bank, “We won’t ask for confidential information such as your user name, password, personal identification number (PIN) or other account information in a text message or email, or over the phone, unless you call us about an issue, such as something to do with your account. In that case, we’ll ask you to verify your information so we know you’re who you say you are.”
3. Signing up for service or free perks that require you to provide your email address
If a company is offering you something for nothing, they’re likely going to sell your email address. The FTC set CAN-SPAM laws that prevent spammers from marketing to you without your consent or sending you inappropriate emails. Unfortunately, many marketers that sell and buy email addresses don’t follow FTC rules. The act of buying email addresses is illegal, yet spam continues to be pervasive as unethical marketers look for loopholes like “renting” an email address list.
Email security solutions: Think twice before signing up for a free download or free offer. Chances are your email address will be sold or “rented” to the highest bidder. Use a second email address to field these types of services or free perks. And never enter personal information like your address, phone number and other info when signing up. Use a fake name or a universal birthday like January 1.
Why you should have at least two email accounts for security
Don’t put all your eggs in one basket when it comes to your online data. As more and more services and products go digital, your email address becomes a crucial ID for logging in, as well as the place where you receive important notifications.
Have one email account for your personal and financial data only and at least one more email account for everything else. Email addresses are free — an email account just for social media logins and one for questionable services that require sign up would be a good idea. To better keep track of your email addresses, name each email account with words that remind you of what each email address is for.
An extra layer of email security protects your privacy and identity
Take a few minutes to do an email security audit. Set up at least two email addresses to separate and protect your personal and financial information. Regularly monitor your email addresses and check how much spam you’re receiving. If you notice a jump in spam, change your password to one that is difficult to guess and uses a combination of letters and characters to secure your account.
You can’t avoid a digital life. But knowing the dangers of email breaches, how unscrupulous marketers misuse your email addresses and how you can protect yourself by using more than one email account will safeguard you and your information.