Anonymization describes hiding, encrypting, or disguising certain identifiers in data to hide its subject. Thus, when cybercriminals obtain the data, they cannot identify whom the data belongs to or who it references. Many companies still have shockingly subpar data protection despite more stringent data regulations and laws having been introduced over the past few years.
It is often left to the user to protect their digital identity. Creating an entire pseudo-identity to prevent companies from tracking you online is a plausible solution. However, you may find that online pseudo-identities can be hard to maintain. A more viable solution may be to falsify a single identifier. Let’s explore if using fake email addresses is the best way to mask your information and reinforce your online anonymity.
Fake email addresses: not just for spamming and spoofing
Fake, generated, or temporary email addresses aren’t a new concept. Traditionally, bad actors and cybercriminals have used them for phishing scams and spoofing. Once again, the same tactics formulated to exploit us can be refashioned and used to protect us. But how and why fake emails?
Email addresses and your digital footprint
Using the internet every day and not leaving a traceable impression, particularly when you’re unaware which habits leave the greatest marks. From posting on social media or watching a video on a video sharing site…
These habits can be traced back to you through your cookies or the online profile you’ve signed up for using your email address. This connection is what is known as your digital footprint. It grows the more you interact on the internet. It eventually forms the core of your digital identity.
Nearly every website you visit encourages you to sign up for their newsletter or register for a profile that requires you to enter your email address. While they give you the illusion that it’s an opt-in service, you often wind up being spammed by the company or a third party that may have bought your information.
What’s the solution?
You could shrink your digital footprint or make it less traceable by rejecting these services or refusing to share your personal details. But what if the website or service has features that you need to use? The Covid-19 pandemic forced many companies to migrate their services online and expand their digital services to survive.
For example, the healthcare industry was one of the most affected by the pandemic and required a digital revamp to continue to provide services. It is fair to say, it would be unrealistic to advise that you walk away from every service that requires your email address. Many healthcare organizations use HIPPA-compliant patient portal software, so your data and personal information may be secure in these instances. However, it isn’t always easy to glean if the service you’re signing up for will protect your information. Nevertheless, it would help if you carefully read the terms and conditions of the services before registering. You could also research if the company supplying the service is HIPPA or GDPR compliant.
You may prefer less bureaucratic preventative measures such as opening a secondary email account. Hosts like Google, AOL, Yahoo, etc., make starting a new account quite easy (or at least they used to). However, many of these services now use multifactor authentication and require additional real-world information from you which somewhat defeats the purpose.
The main issue with setting up a second or third email account is the ongoing management of it. Sorting through your secondary account’s spam messages to find valuable and useful messages can be time-consuming. Additionally, if you’ve used your secondary email address to sign-up for multiple services, the likelihood of people connecting that email address to you increases exponentially as you use it. This is why using a fake email address may be a more feasible solution longer term.
How fake emails can protect your privacy
When you use your email address to sign up for a profile or account, your information is stored in a (relational) database. Most databases have a special column that stores unique identifiers (primary key). Sometimes, these “identifiers” can be information from a combination of columns.
Have you ever tried to register for a service twice, using the same email address? You’re usually met with a dialog informing you that the email address has already been used. This occurs because the email address serves as the key identifier for the information that goes into the database. Thus, all the personal data is tied to your email address, from your physical address to your date of birth.
It can then be validated and used to find out more information about you. Many of us use the same passwords for multiple services. For instance, you may re-use your email password as your food delivery service account’s password. If you use a fake email address and a hacker manages to find your password through a database breach, all they would really have access to is your fake email address, effectively breaking the link to you.
In this case, your fake email address has protected your real email address and your digital identity with it. Generated and fake emails are also completely disposable. If you find that your fake email address is too clogged up with spam messages, you can simply delete and start a new one with a few clicks.
Fake email addresses are also particularly useful for maintaining privacy with your domains. If you don’t want to pay the extra fee that some hosts charge to hide your domain registration information, you can simply use a generated pseudo-email account to prevent your real email address from getting spammed.
How to generate fake email addresses
The good news is the practice of creating fake email addresses that you can manage easily on the fly is gaining momentum and some of the biggest tech companies in the world are starting to offer it as a paid service. Apple calls theirs ‘Hide My Email’ and Mozilla call theirs Firefox Relay.
Atmail is a while label email service primarily for telcos and ISP’s. As part of our commercial services we offer an email relay service. The email relay can be offered via the telco or ISP domain ie: [email protected] or via a personal domain. ie: [email protected]. Setting up and managing an individual email relay for each and every online service is rapidly becoming part of best practice for protecting your digital identity.