We’ve all lost count of how many times we’ve entered our email address and phone number to sign up for an online service, access a website or an app, read the news or log into any of the social media accounts most of us have. Put bluntly, our contact information is all over the internet.
At the same time, being safe and private online can be hard work and time-consuming, mainly if we have to think about managing settings and what information we want to share every single time we sign up for a new service or make an online purchase. It becomes overwhelming and could definitely be made more efficient.
Can we make it easier? Just like taking Sunday evening to prep some meals for the week, we can spend some time today to protect our online privacy for the months ahead!
Disposable and temporary: the art of online camouflage
Temporary email address and a secondary inbox
As most websites require an email address to register, most of us will simply enter our primary email address. Why would we need more than one inbox anyway? The reality, however, suggests otherwise. When we register a new account or even just input our email to access restricted content, we are most often also agreeing to the transfer of our contact information from a certain service to another for marketing purposes.
But it doesn’t have to be that way. What to do instead?
Strategy 1: Use a disposable email address – for things you don’t really care that much about.
A number of disposable email services let you use a temporary email that self-destructs after a set period of time. This comes in particularly handy for one-time use, for example when you are asked to submit an email address to access restricted content, but don’t necessarily want to run the risk of being bombarded by marketing communications and spam.
A caveat applies, however, and we can’t stress this enough: it’s not a good idea to use these services for any communications that may involve truly sensitive data.
Strategy 2: Create a secondary email address for logins and important newsletters.
For all government, banking and other key contacts, use an end-to-end encrypted email service as ProtonMail. Don’t use your primary email address for anything other than staying in touch with your friends and family. This will keep your inbox organized, free of spam and protected from data leaks in case a service you’re registered with suffers a data breach.
Alternatively, you can also use a feature such as Apple’s Hide My Email to sign up for a service without giving away your real email. Apple creates a unique address that masks your real address and provides it to the service you’re signing up to. All emails will then be forwarded automatically from the masked account to yours. While Android does not yet offer a similar feature, there are a few alternatives, such as Firefox Relay.
The burner phone number
Along with email addresses, your phone number is a must-have to register and log into a number of websites, to receive timed passwords that confirm your identity or even for online retailers to hand over your contact details to delivery services.
All in all, your phone number is everywhere, so no wonder most of us already receive random texts and WhatsApp scam attempts.
Strategy 3: Get a cheap prepaid SIM card.
Usually, this is a cheap card that you only have to top up with a few bucks every few months to keep it on and, in most countries, you are not required to show an ID to use it. The purpose is to use this phone number for all your online needs: You can link it to social media accounts, use it for parcel tracking numbers, share with potential dates you meet online and use it for general anonymity.
Meanwhile, your real primary number should only be shared with family, friends and government or financial institutions. Because you use the burner number for your online purposes, if you get a call, you can immediately assume it is a scam and, most likely, some website you were registered at suffered a data breach.
Single-use bank cards
Buying online can be really convenient, no doubt! We just need to enter the website, choose what we want and usually we already have our banking card details stored from a previous purchase. All good. Unless there’s a data breach affecting the details saved on that website that compromises our card details or we fall victim to a nasty social engineering scam!
Strategy 4: Go for single-use, virtual cards.
Many banks, mainly those based on mobile applications, offer virtual cards instead, or as an additional option on top of the physical card. And most of these banks will also offer disposable single-use cards that are connected to your real card. Once you make a purchase with a single-use card, the bank system will detect the movement, destroy those card details and automatically generate new ones ready for the next purchase. Because this is a randomized card, hackers won’t be able to track your real information.
And in case you’re wondering about refunds, the sellers can still return the money through the same single-purchase card details to your account.
Two-factor authentication and one-time codes
Most online services these days allow – and recommend – the use of two-factor authentication (2FA). That is, apart from entering your password, you can also be required to perform an extra authentication step. This way, if someone steals your password, they still won’t be able to log in without the 2FA code in their hands.
Strategy 5: Use app-generated 2FA passcodes.
Most often, 2FA involves sending an SMS message to your phone number (hopefully your burner phone) with a one-time passcode (OTP). You only need to type it in where requested to prove your identity. Another – and better – way relies on using authentication apps such as Microsoft Authenticator. Under their privacy settings, most websites offer the possibility to generate a QR or alphanumeric code that can be input on the authenticator app; in turn, the app will generate a temporary code that works just like an OTP.
This second method is something you might want to get used to – and not just because Twitter stopped supporting SMS-borne 2FA for non-paying users recently.
Let’s recap!
- Create temporary email accounts for when you need to cross a restricted content wall that requests your email address for further access.
- Use a reputable email provider, such as Gmail or Outlook, to create a secondary account that you use for online services and website signups.
- Get a burner number to avoid getting SMS and scam calls.
- Use virtual disposable banking cards that are self-destroyed after a single use.
- Use one-time codes for two-factor authentication on top of a strong and unique password.
Embracing your online privacy as part of your normal routine will make it feel seamless and natural, taking away the feeling of burden and constant doubt about whether you’re doing enough to protect your digital life. Overall, using email addresses, phone numbers and cards that are not directly linked to you is also a great way to minimize your digital footprint and slash the risk of being the victim of a data breach or scam. Finally, there’s just as much we as users can do to prevent malicious activity; it is always advisable to use digital security software that protects you from other potential risks and attacks.
About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit ΕSET Hellas or follow us on Facebook, Twitter and LinkedIn.