With the number of global email users projected to hit 4,73-billion by 2026, email has become one of the most important platforms for communication in the digital age.
For many people, an email address is their main digital identity – and fraudsters can do a lot with it.
“Much like your own name, an email address has an enormous amount of information attached to it. Both our professional and personal email addresses are among major assets of interest to a growing community of sophisticated cybercriminals worldwide,” says Brandon Muller, technical expert: MEA region at Kaspersky.
Most online login forms, portals, e-tailers, and mobile apps require an email address. So, even though hackers need passwords to both an individual’s email and online accounts to access, an email address is an important starting point for them to implement different fraud scenarios.
Cybercriminals can target an individual with phishing emails containing malware attachments or malicious links to fraudulent website. They can also employ sophisticated social engineering techniques to gain personal details like a person’s bank account number, ID number, physical address, phone number or passwords, amongst others.
Spoofing an email address is another risk. This involves creating a fake email address that looks like an individual’s address but has minor and tough-to-spot changes (like swapping a number with a letter or adding a dash). Hackers can then extort information from that person’s friends and family whilst pretending to be them. This approach is often missed by spam filters on email clients.
What’s more, by using a reverse email search tool, a cybercriminal can discover who owns that specific email address. This can provide them with an important starting point to get as much freely available personal data from a person as possible. With many people’s emails often containing their name and a memorable number, usually a date of birth, these two identifying factors are enough for many cybercriminals to begin gathering more lucrative personal data online which can be used to steal an identity or commit financial fraud.
With the risks that exposure of one’s email address (or addresses) can pose to their personal and professional privacy and wellbeing, it’s important to know how to protect an e-mail address from unauthorised access. Kaspersky offers the following advice:
* Have strong passwords;
* Use spam filters and blocking;
* Employ two-factor authentication;
* Have a burner email account; and
* Stay vigilant.