Why You Need A
Junk Email Account
Why Do I Need A Junk Email Account?
Everyone already has multiple e-mail or messaging accounts: personal, business, LinkedIn, Facebook, Twitter… The list goes on. Why would I need to create a junk e-mail account?
First, a junk e-mail account can be used when you want to download something but don’t necessarily want to give your personal e-mail address. I use a junk e-mail account when I am requested to provide my personal information for a brochure or white paper on a topic I am interested in but don’t necessarily want to be contacted by a sales person.
Second, when you request something, your account is then flooded with other information from that site. By providing a junk account, I keep my business and personal accounts relatively spam free.
Hacker Alert - Be The First To Know
However, the most useful reason is that I add my junk account to my contact list in my other e-mail accounts. If (or when) these accounts get compromised and the hacker sends out a blast mail to all my contacts, I am also on the list. This means I get notified in real time that my e-mail account has been compromised. I can also then send out an all-contacts e-mail stating to ignore any message from me regarding “xyz.”
I realize that this approach may sound “old school,” and yet I am often alerted to my account being compromised long before my ISP or e-mail provider formally lets their customers know that a breach has occurred. Your ISP or e-mail provider will reluctantly admit a breach when it affects millions of people; however, sometimes a hack affects only a smaller number of people and these are not always made public.
E-mail has gotten more sophisticated, with many providers implementing two-factor authentication (2FA) or using a one-time login code. While this method improves the overall security of public e-mail accounts, there are techniques that hackers use that defeat the security of this method. These techniques include man-in-the-middle, man-in-the-endpoint, credential hijacking, and social engineering.
Bottom line: Plan to be compromised at some point and put a “canary” in your contact list so that you are alerted when the compromised account is activated for malicious use.
Never Send These Via Email
Finally, you should treat e-mail like it is postcard that almost anyone can read. Here is a list of things you should never send via un-encrypted e-mail:
- Your personal identifiable information (social security number, drivers license, birthdate)
- Any financial information (bank accounts, credit card numbers, stock trade accounts)
- Any medical information (prescription drugs, chronic medical conditions, depression)
- Any log-in credential or passwords
Why Choose ASCERTIS Solutions
ASCERTIS Solutions can conduct a security assessment of a small business in a week and provide a roadmap for your company to implement a cyber defense strategy that fits your budget. Trained security professionals can be hired on a part-time basis to fill the role of Chief Cyber Security Officer (CISO) to assure that your roadmap is implemented in a timely and cost-effective fashion.
If interested, please contact firstname.lastname@example.org.