In the current digital and technological age, your email address can become part of your digital identity. Email addresses are used to sign up for online accounts, quite often reused for different ones, also to communicate with friends and family, and even conduct business. They are used regularly and as a result, your mailbox contains a wealth of personal information about you and can be used to find information including your names, addresses, phone numbers, and even financial details.
Moreover, an email address is often recommended as a username for many online services. This makes your email address data a valuable and very enticing target for cybercriminals. This was acknowledged as such when the UK Data Protection Act morphed into GDPR in 2018. If a hacker can gain access to an email account by guessing the password, they can use the information they find to commit identity theft, financial fraud, or other crimes. They can also obtain a wealth of information about you and will often share this with other cybercriminals. They can even reset your password and account recovery information, locking you out of that account completely!Â
That's why it's vitally important to protect your email addresses with strong passwords and two-factor authentication. You should also be careful about what information you share in your emails, and you should never click on links or open attachments from unknown senders. Cybercriminals will often try their luck by sending you a malicious email, trying to convince you to download malware, or direct you to a malicious website posing as a genuine individual or company. Emails can be spoofed to appear legitimate so take extra care. Always question what you are being asked to click and why. There are other methods they use to do this, but your email address can be found easily online as it is used for so much in day-to-day life.
Attackers will also use your email addresses to track your online activity. They can use your email address to build a more complete picture of your online presence and use this to optimize their approach against you to maximize their chances of success.
Ultimately, your email addresses are a valuable, personal part of your digital identity. You need to protect them carefully and use them wisely. Treat them as you would any other valuable form of identification. Would you freely give up your date of birth? National Insurance or passport number? You should treat your email the same way.
What can I do to remain safe?
Although it is tempting and convenient to use your email address as a username, you do not always have to, and it is important not to if given the option. If a cyber criminal obtains your email address, they will often use that as their guess for your username to your account and then it just leaves the password. It is not uncommon for people to reuse email and password combinations making this extremely risky.
If presented with the option create a unique username, do so with the following tips in mind:
Avoid using personal information.
Make it long and complex at least 12 characters and use a mix of letters numbers and symbols or three random words.
Do not use common phrases.
Do not use your email address or phone number.
Do not reuse usernames.
However, make sure that it is memorable to you and that it is appropriate for the site. You could consider using a username generator for help with this and use a password manager to keep track of your unique usernames and passwords.
If you are concerned about your privacy, you can use a privacy-focused email service like ProtonMail* or Tutanota* amongst others. These services encrypt all your emails, making it difficult for anyone to track your online activity.
Here are some additional tips for protecting your digital identity with your email address:
Use a strong password and change it regularly.
Enable two-factor authentication (2FA).
Be careful about what information you share in your emails.
Never click on links or open attachments from unknown senders.
Use a privacy-focused email service.
There are also websites and services you can sign up for, to monitor your email address and alert you if they appear on the dark web in any data breaches. Most premium antivirus services offer this feature and will automatically alert you once configured. The alternative is to check websites such as https://haveibeenpwned.com to manually enter your email address and see if it has been leaked in a data breach.
Make sure to keep an eye out for any emails from your provider which will also notify you if your email has been exposed. If you are alerted that your email has been exposed, then change your password immediately as these are often leaked too.
By following these tips, you can help to protect your digital identity and keep your personal information safe.
*Regola would like to clarify that we do not have any affiliation with the services or providers mentioned in this article. They are merely suggestions that you may find useful. Please note that we do not take any responsibility for the service or any experience you may encounter while using it. It is essential to exercise caution and carefully choose your service provider.
Useful Links:
Proton Mail:
Tutanota:
How to enable 2FA on gmail:
How to enable 2FA on Yahoo:
https://www.tomsguide.com/news/gmail-set-up-2fa-mobile
How to enable 2FA on Outlook:
Website to check if email has been involved in data breach:
username generator:
תגובות