August 3, 2017

Your Super Secret Email Address

Filed under: Main — Tags: , — admin @ 12:01 am

Banking, shopping, and even paying your taxes can be done online. Unlike the 1990s, people are less paranoid about security, nor do they fret over typing in a credit card number. A secure website means you’re most likely safe, though you can still take extra precaution by using a super secret email address.

A friend who works in the financial industry told me about this trick — which really isn’t a trick, it’s just being clever: For all your financial accounts, set up a unique Gmail, Yahoo, or other free email address. This address is a account, beyond your primary one.

Yes, this trick is an old one. I recommend in my books using a “trash” email account when an email address is necessary to sign up for a service. Until you confirm that you really need the service, you use the trash account, which you check to confirm your identity but seldom otherwise. For a financial email account, however, you need to take it seriously.

First, create the account using a completely random email address. For example: dlk9030Dlkfj110_dlkfj, which I typed on the keyboard by using my cat’s paw. The address must be unique, unusual (no real language words), and not tied in any way to your name, your occupation, or anything identifiable.

Second, use this new, unique email address as your bank or financial institution’s primary contact number. Email from that service only goes to the unique account. As long as you use the account only with that financial or other secure websites, you can be assured that:

* Any email arriving in that account’s inbox is from that financial or other important organization.

* Any email not from those organizations is most likely a “partner” organization, which obtained the email address from the original organization. (You can generally opt out of this “feature.”)

* Any email purporting to be from the financial organization that arrives in another email inbox is spam or a phishing attack.

It’s that last point that’s vital: People fall prey to phishing attacks all the time. The message looks legitimate. You must log in to your account to correct some error or deal with a mistake — but the website is bogus and it collects your true login and password. Peril follows.

By using a unique email address, you avoid the concern over phishing messages. Any message that arrives in your unique account’s inbox is legit. Even so, do ensure that the website shown in the address bar matches the financial institution’s website. Check for the padlock to indicate a secure connection.

Yeah, all this stuff is extra work and a pain in the rump. Still, if online security is important to you, it’s a great tip to legitimize email you get from your bank or investment firm.

2 Comments

  1. Hi Dan,
    That is a good tip and I most likely use it. I was wondering what your view on security is for Cloud services. I used Dropbox linked to SVN to give me a little more confidence and was told to ‘stop that, its not secure enough!’. Your view?

    Comment by glennp — August 4, 2017 @ 2:50 am

  2. I don’t put anything on the cloud that I don’t intend on sharing with others. So when I collaborate with an editor or producer, I put it on the cloud. When I share screenshots, I use dropbox, which is handy. And when I’m away from the office, I put my current workload on the cloud, but then remove it when I return. I don’t think security is an issue for me, I’m just old school and prefer to keep things local.

    Comment by admin — August 4, 2017 @ 6:56 am

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.


Powered by WordPress