Use Gmail Email Alias for Cyber-Defense
| March 10, 2020If you use Gmail for personal email, we have a trick that can help you not only organize your inbox but also help protect you against a cyber-breach.
Gmail has the ability for you to add in periods anywhere in the first part of your email address. For example, jane.doe@gmail.com can be j.anedoe@gmail.com. You can also add a plus sign and any word you want before the @ symbol (e.g. jane.doe+finance@gmail.com). There are two reasons you should use this trick.
Gmail Filters
You can apply a Gmail filter to help organize your inbox. For example, if you have an app on your phone that you are using for food rewards or online shopping, you can create a filter for jane.doe+food@gmail.com.
When you sign up for the app, use the +food and the filter can automatically archive, mark it read, apply a label, or categorize it. You can use any +word and create a filter +bank +shopping +friends, etc. If you use home automation you could use the +home to turn on your lights using an IFTT software – the possibilities are endless.
Cybersecurity
This takes a little bit of understanding of how information is used by unethical people. On the dark web, your email address and password are usually contained in a text file or database file that criminals purchase, download utilize to write software that will automatically go through the list, and attempt to login their preferred site. These lists are from breaches and can contain any personal information such as username, email, and password.
You can check your email address to see if it has been found on the dark web here.
How can an alias help?
To help combat the automatic attacks you can use these features to make it harder (but not impossible) for them to use the files on the dark web. When you sign up for a website or an app, use an alias instead of your official address (jane.doe@gmail.com). Check out the example below:
- Bank website
- jane.doe+fin@gmail.com
- Social media
- jane.doe+social@gmail.com
- Rewards
- jane.doe+rewards@gmail.com
- Work
- jane.doe+w@gmail.com
- Apple
- jane.doe+apple@gmail.com
- This example of using apple could be for apple.com. We suggest you avoid using the site name on every site
Using different email addresses helps protect you by obscuring your known email address. This is not full-proof but it does make it more difficult for someone to guess your email address from site to site. If a social media hack gets your email address and password the same email address will not be able to be used to login to your account.
Are Alias email addresses enough to protect me online?
The answer is no. An alias makes it harder for an automated attack to work because you have a different email address/login for different sites. It is like putting a lock on your locker at the gym. It keeps good people honest. Someone with the right tools and will power will get into the locker.
We recommend using multi-factor authentication with every account you can. This is the best option in today’s world. An email alias with multi-factor authentication is a pretty strong combination, however.
If you are a business this can work with g-suite accounts but unfortunately, this does not work with Office 365.