My FICO logo $$$$$$$$$$$ 9876 5432 1234 5678 CREDIT CARD KELLY SMITH 11/26 My FICO logo
SCORE
Skip Navigation
  • Why FICO
  • How It Works
  • Pricing
  • Education
  • Community
  • Support
  • Member Dashboard
  • Log In Log Out
  • Start Plan
 
  • Why FICO
  • How It Works
  • Pricing
  •  
  • Education
    • Credit Education
    • Credit Scores
    • What Is a FICO Score?
    • FICO Scores vs Credit Scores
    • FICO Scores Versions
    • New FICO Scores
    • How Scores Are Calculated
    • Payment History
    • Amount of Debt
    • Length of Credit History
    • Credit Mix
    • New Credit
    • How to Improve Your Score
    • How to Build Credit
    • Credit Reports
    • What's in Your Report
    • Credit Bureaus
    • Inquiries
    • Errors on Your Report?
    • Blog
    • Calculators
    • Loan Savings
    • Vehicle Payments
    • How Much Can I Borrow?
    • Should I Consolidate My Credit Cards?
    • Know Your Rights
    • Identity Theft
    • FAQ
    • Glossary
  • Community
  • Support
  • Member Dashboard
  • Log In Log Out
  • Our Products
    • Ongoing Credit Monitoring Track your FICO® Score & identity
    • One-time Credit Reports Be prepared for important transactions
  • How Can We Help
    • Monitor Credit & Identity
    • Mortgages
    • Credit Cards
    • Auto Loans
  • Credit Education
  • Community
  • Support
  • Our Products
    • Ongoing Credit Monitoring Track your FICO® Score & identity
    • One-time Credit Reports Be prepared for important transactions
  • Credit Education
  • Credit Scores
    • What Is a FICO Score?
    • FICO Scores vs Credit Scores
    • FICO Score Versions
    • New FICO Scores
    • How Scores Are Calculated
    • Payment History
    • Amount of Debt
    • Length of Credit History
    • Credit Mix
    • New Credit
    • How to Improve Your Score
    • How to Build Credit
  • Credit Reports
    • What's in Your Report
    • Credit Bureaus
    • Inquiries
    • Errors on Your Report?
  • Blog
  • Calculators
    • Loan Savings
    • Vehicle Payments
    • How Much Can I Borrow?
    • Should I Consolidate My Credit Cards?
  • Know Your Rights
  • Identity Theft
  • FAQ
  • Glossary
View all Identity Theft articles

Why Your Email Account is Valuable to Hackers

October 24, 2016, by Karin Tansey

Identity is a funny thing. I used to think I knew exactly what it was made of-Social Security number, date of birth, and first and last name. Period. But then came the Internet and the notion of identity began to change and evolve along with the latest technology.

Now I'm also known by my Twitter handle, Facebook name, and even my Xbox gamertag. Increasingly, in an online world, people know not only my name, but also my email address. The miscreants of the "dark web" (anonymous, virtually untraceable global networks used by criminals) are looking for email addresses to harvest. Why? Because they make money selling consumer's online credentials-usernames and passwords to online accounts for companies like iTunes, Groupon, dell, overstock, Walmart, BestBuy, etc [i]. These login and passwords of hacked accounts go anywhere from $1 - $8 each.

To understand the risk, let's start with the basics.

  • How many email addresses do you regularly use?

The best stats I could find indicate the average person maintains 2 - 3 email accounts [ii]. Other anecdotal accounts mentioned 3 - 1 for work and 2 for personal. Of the personal, there was one "spam" account (you know the one you use when you are "required" to create an account when using a website) and one "real" account for your friends and families. I personally revolve around 10 email accounts; 9 personal + 1 professional email. Of the 9 personal, I will probably interact daily with 2 of them, with the remainder being ones that I look at maybe once a week.

  • How much information is in your inbox?

The information in my email accounts truly unlocks the keys to my kingdom. Banking statements, utility bills, receipts for online purchases and my contact list of friends and families (that once my email is known to criminals, becomes the launching pad to send these same people spam and phishing emails). Understand the relationship between your email address and other online accounts.

Email addresses are often used-or required-in order to shop, socialize or get access to website content. Whether it's creating an Amazon.com account or posting your latest picture on Pinterest, you need an email address. Now think of all the online accounts you have. The average person, by the way, has 26 with 25-34 year olds at the top of the heap with 40 [iii]. I know I'm far from the "average Jill" with my 102 different online accounts.

So here's the problem: the math makes it easy to be a hacker. "So what?!" you say? Let's do the math. Based on the information I just gave you, I will most likely interact with my 102 online accounts using only three email accounts (2 personal and 1 professional). So the payoff for a hacker to gain access to only one account is pretty good-potential access to thirty-four accounts (102 divided by three). If you're a poker person like me, you know those odds are pretty good. You're going all in. Now imagine the depth and breadth of information a hacker would have access to after gaining access to these accounts. To get a bird's eye view of what kind of information a compromised email account can unveil, check out this super cool infographic [iv].

So what should I do? Create secure passwords. It's never been more important to make sure you are creating difficult to guess or crack passwords for your email accounts. Password management software are everywhere now (PasswordBox is one of my personal favorites). Find one that can generate secure passwords with a click of a button and use it to manage your existing accounts as well as create security hardened passwords. Be thoughtful about to whom you give your email address. When I'm not sure if I want to create a relationship with an online property, I use mailinator.com. Mailinator is service that allows users to create a temporary email address and receive and easily access email on their servers-at no cost to the consumer. Email is purged after 24 hours.

IMPORTANT NOTE: DO NOT use this service for confidential or sensitive relationships since passwords are not required to read emails-the user only has to know the email address. Pay attention to data breach announcements. The Target breach that exposed 110 million consumers was reported to be perpetrated by an email malware attack [v]. Breach announcements will often be accompanied with specific information about what data was exposed. Consumers are often able to identify brands with which they do business. Another free resource is Pwnedlist.com. This website allows consumers to sign up for free monitoring of a maximum of 3 personal email accounts. The service notifies you if they find your email address in a data breach containing credentials. The moral of this story is pretty clear- don't take the security of your email address for granted. Treat your email address more like your cell phone number than your zodiac sign. Only people I know and trust get my real cell number (and yes, I have alternate "fake" ones that route to my real one too, thanks to Google Voice). As we've become accustomed to letting our email addresses wander about, unsupervised like a drunken bachelor in Vegas, we've put ourselves more at risk. Remember, this is the 21st century and what happens in Vegas doesn't necessarily stay there anymore.

Sources:

[i] The Value of a Hacked Email Account, 6/10/2013, Krebs on Security

[ii] Email Statistics Report, 2011-2015, THE RADICATI GROUP, INC.

[iii] Online fraud: too many accounts, too few passwords: Threefold increase in fraud compared to 2010, 7/18/2012, Techradar

[iv] The Value of a Hacked Email Account, 6/10/2013, Krebs on Security

[v] Email Attack on Vendor Set Up Breach at Target, 2/12/2014, Krebs on Security

Karin Tansey

Karin Tansey is the Senior Director of Product Management at myFICO and an online security expert.

Estimate your FICO Score range

Answer 10 easy questions to get a free estimate of your FICO Score range

740 - 790
Estimate for Free

Instant Access to Your FICO® Score

90% of Top Lenders Use FICO® Scores. Do you know yours?

Get Access Now!

Page footer

Products

  • Home
  • Why FICO
  • How It Works
  • Pricing

Learn

  • Education
  • Community
  • Support
  • Blog

Company

  • About Us
  • Terms of Use
  • Privacy Policy
  • Affiliate Program
  • Accessibility

Get Our App

  • Download iOS app on the App Store
  • fil_get
    Get Android app on the Google Play Store

Follow Us

  • Twitter
  • Facebook
  • Instagram

Credit Education

  • Credit scores
  • What is a FICO Score?
  • FICO Score versions
  • How scores are calculated
  • Payment history
  • Amount of debt
  • Length of credit history
  • Credit mix
  • New credit
  • Credit reports
  • What's in your report
  • Bureaus
  • Inquiries
  • Errors on your report?
  • Calculators
  • Know your rights
  • Identity theft
  • FAQ
  • Glossary

Copyright ©2001- Fair Isaac Corporation. All rights reserved.

IMPORTANT INFORMATION:

All FICO® Score products made available on myFICO.com include a FICO® Score 8, and may include additional FICO® Score versions. Your lender or insurer may use a different FICO® Score than the versions you receive from myFICO, or another type of credit score altogether. Learn more

FICO, myFICO, Score Watch, The score lenders use, and The Score That Matters are trademarks or registered trademarks of Fair Isaac Corporation. Equifax Credit Report is a trademark of Equifax, Inc. and its affiliated companies. Many factors affect your FICO Scores and the interest rates you may receive. Fair Isaac is not a credit repair organization as defined under federal or state law, including the Credit Repair Organizations Act. Fair Isaac does not provide "credit repair" services or advice or assistance regarding "rebuilding" or "improving" your credit record, credit history or credit rating. FTC's website on credit.

PRIVACY NOTICE: When you visit this website we collect your browsing activities on our site and use that information to analyze and research improvements to the website, and to our products and services. When you register for our products and services, we also collect certain personal information from you for identification purposes, such as your name, address, email address, telephone number, social security number, IP address, and date of birth. Further information is available in our FICO Data Privacy Policy. For visitors with visual disabilities, access to this website, including our FICO Data Privacy Policy, is available through assistive technologies, such as BrowseAloud, JAWS, VoiceOver, Narrator, ChromeVox, and Window-Eyes. More details on software and accessibility are available at WebAIM.org.