The importance of using different emails for your crypto related activity

[Baofeng]

It's already June and we have seen many exploits/hacks/breaches already. And we have read in news that hackers are dumping personal information to the public or selling them in the dark market (specially crypto users).

Some of them might be false, however, this is still a threat that is highlighted many times already and as crypto users, we really need to practice safety measures of our own. Below are some of the supposedly data dumps in recent months.

• https://twitter.com/underthebreach/status/1264460979322138628
• Recent Data Hack Could Put Millions of Dollars in Bitcoin at Risk
• BlockFi’s Data Breach May Allow Criminals to Extort Rich Clients

How is this important to us?

These data dumps can be used by hackers by:

• they can directly access your crypto account and steal everything from you
• worst case scenario, your address is exposed and you can be a target at your physical home
• the leak emails can be cross-reference to other data breaches in the past, and it you didn't practice having different strong passwords, they have decrypted it quickly, and can go a process of elimination by logging to different crypto related sites like exchanges and online wallets to get what they want from you

Best practices:

• use strong and random password for your different email accounts
• use a good password manager
• 2FA

This is just a reminder, regardless if you are a beginner here or experienced traders. We really need to practice security hygiene to minimise the risk of being hack as these bad actors are really stepping the game every time. Please let me know, I may have missed a lot here, help me update this list.

[1715180788]

1715180788

[1715180788]

1715180788

[1715180788]

1715180788

[1715180788]

1715180788

[GreatArkansas]

These data dumps can be used by hackers by:

Additional for this part is, as they already got your email address, we can also receive random emails that may contain some phishing links inside of it.
Or some spam emails about cryptocurrencies with some advertising such shitcoins or scam ICO, or anything. This is why it's so important that we should separate our personal email address, work email address, and purposes.
A good thread to read, +1!

[mk4]

This is why I always recommend using privacy-respecting email clients such as ProtonMail[1] and Tutanota[2]. They're good for privacy, and at the same time, they have email aliasing features so you can point different email addresses onto only one mailbox. Perfect for having separate addresses for you exchanges, social media, etc. Pretty cheap, too! Tutanota only demands €12 per year for 5 aliases.

[1] https://protonmail.com/
[2] https://tutanota.com/

[Upgrade00]

and it you didn't practice having different strong passwords, they have decrypted it quickly, and can go a process of elimination by logging to different crypto related sites like exchanges and online wallets to get what they want from you

Users should avoid exchange and online wallets where you either don't own your private keys or it's stored online, some also require you to submit KYC, which adds an extra threat.
Having different emails for different purposes is a good idea, I would also advise one keeps a log, if you're opening random accounts often it's very easy to mix everything up and reuse details. Only open accounts you need, in cases where you're just experimenting use a throwaway mail to set up an account and if/when you decide to register you can create a unique address for such account.

[Peanutswar]

Some of the people today are making a lot of duplicates accounts and before they transfer their funds into their main account but now some of the wallet and exchanges require now a KYC  which if you already created a new account just for the dummy to avoid getting directly to your account they already restricted this kind of an action because its looks like a spam account to the exchanges and wallet and one of the best way to do is to use the 2FA or use strong passwords. Passwords with a symbol, number, and upper and lower case letter. I would like to recommend to encrypt your passwords or use a cipher that the only one who can decode is you and this is the most effective one.

[KrisAlex18]

Hackers will use this situation to take advantage, many of us are jobless so its easy for them to fool other people by their words, they are so great at doing that thing, most of them are just asking things, or they offer something so people will get interested but by just asking they are also getting some of your personal information which they can use to have access on your account or have ransomware on you.

Great advice from OP, you have to secure your wallet, using strong password will lessen the chance of getting hacked or to avoid everything and have fully secured wallet you may use a hardware wallet, it is the best wallet for us if we really want to store our money safe, an online wallet is really dangerous because it is prone from attacks and is really different from hardware wallet because hackers cannot access something without internet.

[minairia3]

This is why I always recommend using privacy-respecting email clients such as ProtonMail[1] and Tutanota[2]. They're good for privacy, and at the same time, they have email aliasing features so you can point different email addresses onto only one mailbox.

Whats the difference of these services from normal gmail and yahoo services cause they have payment terms?

I agree with OP, I never used my real name when using any crypto related affairs here in forum. Just using mostly my dummy account emails and segregate the personal email to important matters like jobs and family contacts. Thats why most users got have spam mail or phishing sites invites cause they use their own personal email that leads to breach their own bank account and even crypto wallet.

[mk4]

Whats the difference of these services from normal gmail and yahoo services cause they have payment terms?

In summary, Google(which owns Gmail) is a huge-ass data hog. As for Yahoo, it's pretty much spam-ville; and I definitely wouldn't use Yahoo knowing how they handled their past hacking incident.

https://en.wikipedia.org/wiki/Yahoo!_data_breaches
https://whyprivacymatters.org/
https://protonmail.com/blog/protonmail-vs-gmail-security/

[RapTarX]

While it's good to use different email for different activity, it's a pain in the ass to manage a long list of email as well. I would rather use a throw away email for most of the activity while for exchanges which I use most, I would use the main email. If you are going to maintain a long list of email, you may miss a lot of important updates which may ruin you too.

[mk4]

While it's good to use different email for different activity, it's a pain in the ass to manage a long list of email as well. I would rather use a throw away email for most of the activity while for exchanges which I use most, I would use the main email. If you are going to maintain a long list of email, you may miss a lot of important updates which may ruin you too.

Take a look at email aliases. It's for this exact purpose: so you won't need to manage separate emails with each separate login credentials.

Even G Suite has it: https://support.google.com/a/answer/33327?hl=en

but then again, obviously Gmail wouldn't be the perfect pick. Check out Tutanota and Protonmail which both has this nifty feature.

[jossiel]

• 2FA

Exchanges and online wallets, 2FA is a must.

I have witnessed a lot of people complaining how they were hacked due to not activating their 2FAs. It's sad to see them complain although they were warned that it's part of security measures and everyone should apply it.

[bob123]

I have witnessed a lot of people complaining how they were hacked due to not activating their 2FAs. It's sad to see them complain although they were warned that it's part of security measures and everyone should apply it.

And at the same time these people use the same device for logging in and 2FA, completely negating the whole purpose of it.

The usage of 2FA for the purpose of using it, is not enough.
You still need to think about the whole purpose of it and how to use it properly i.e. do not use the same device for logging in and generating the 2FA code.

[Lordhermes]

It's already June and we have seen many exploits/hacks/breaches already. And we have read in news that hackers are dumping personal information to the public or selling them in the dark market (specially crypto users).

Some of them might be false, however, this is still a threat that is highlighted many times already and as crypto users, we really need to practice safety measures of our own. Below are some of the supposedly data dumps in recent months.

• https://twitter.com/underthebreach/status/1264460979322138628
• Recent Data Hack Could Put Millions of Dollars in Bitcoin at Risk
• BlockFi’s Data Breach May Allow Criminals to Extort Rich Clients

How is this important to us?

These data dumps can be used by hackers by:

• they can directly access your crypto account and steal everything from you
• worst case scenario, your address is exposed and you can be a target at your physical home
• the leak emails can be cross-reference to other data breaches in the past, and it you didn't practice having different strong passwords, they have decrypted it quickly, and can go a process of elimination by logging to different crypto related sites like exchanges and online wallets to get what they want from you

Best practices:

• use strong and random password for your different email accounts
• use a good password manager
• 2FA

This is just a reminder, regardless if you are a beginner here or experienced traders. We really need to practice security hygiene to minimise the risk of being hack as these bad actors are really stepping the game every time. Please let me know, I may have missed a lot here, help me update this list.

Beginners Makes So Many Mistakes Regarding Standard  Safety And Email Management. Hackers Are Moving Faster Into The Crypto Space InxasNow. The Best Additional Safety Measures To Take Are.
     1. Strong Password With Characters And Numbers Of
         About 16 Digits.
     2. 2FA With Phone Numbers, Google Authy And Email 📧
     3. In Case Log In Via Other Users Device In Exchange 
         Ensure To Clear Out History.

Just My Thoughts

[khaled0111]

They're good for privacy, and at the same time, they have email aliasing features so you can point different email addresses onto only one mailbox.

thank you for the info and for the links, I was looking for an email service supporting this feature and didn't know which one to choose.
I wan't to know if after creating the aliases, if it will be possible to remove them or disassociate them from the main account. Also, how safe they are privacy-wise? I mean is there anyway someone could link an alias address to the main address?

Creating a new email for each platform isn't really an option for me. I already have dozens of emails that I don't even remember where I saved their credentials!

[asianguy845]

Having a good strong random password is good, but not everything.
Using a different email is the KEY.
Why? This is because websites are hacked, and the data in email:password or user:pass format is taken by hackers.
So even with a strong password, they already have the username and/or email with password, which they can use to check with other sites.
Ex. BitcoinTalk is hacked and they have your email/username & password. They might cross-reference with CoinBase or other common bitcoin/altcoin wallets.
This is why having different/strong passwords as well as different usernames/emails are VERY important.
How can you check if your email and password got breached? Just go to https://haveibeenpwned.com/ and enter your email to see if your email and password was breached.

Be careful out there guys 

[Findingnemo]

Using our primary email to complete random offers on internet will always end up resulting in the spam of our inbox and using google has no privacy at all because they are making money by selling our data.So we need to have end to end encryption like proton mail for our primary and crypto-related activities so we have less chance to be hacked unless we give login credentials to someone.

[Nellayar]

I do not object regarding the use of real email since I am also using my real name in my primary email address. I use it because I am currently finding a new job. But I have also other email addresses which I used in signing in. I never used my main account in logging in with other sites because I know that my name is at risk.


We have to be careful with our identity online, we don't where hackers will attack us. And maybe, even a single piece of our identity revealed, it may be a clue for them to find out where our funds hide or where we are in real world.

Internet is full of deception, scammers and hackers. Our security must be our priority because we might be in harm once they know us.

[mk4]

thank you for the info and for the links, I was looking for an email service supporting this feature and didn't know which one to choose.

Both platforms I suggested, Protonmail and Tutanota are good. Protonmail is more expensive at $5/month(Tutanota at $1/month), but Protonmail mostly has better UI/UX and has a better app.

I wan't to know if after creating the aliases, if it will be possible to remove them or disassociate them from the main account.

Yes. But for example, let's say that you pay for the 5 alias plan on Tutanota. When you remove 1 out of 5 of them, you wouldn't be able to create another alias as you've already used 5 of them(unless you pay for more aliases). This is to prevent people from abusing this feature by just creating and removing as much aliases as they want using the @tutanota.com domain. If you want to easily add and remove aliases without limits, use a custom domain(both platforms support custom domains).

Also, how safe they are privacy-wise? I mean is there anyway someone could link an alias address to the main address?

As far as I know, probably besides the service provider themselves, no.

[tvplus006]

This is why I always recommend using privacy-respecting email clients such as ProtonMail[1] and Tutanota[2]. They're good for privacy, and at the same time, they have email aliasing features so you can point different email addresses onto only one mailbox.

Whats the difference of these services from normal gmail and yahoo services cause they have payment terms?

I agree with OP, I never used my real name when using any crypto related affairs here in forum. Just using mostly my dummy account emails and segregate the personal email to important matters like jobs and family contacts. Thats why most users got have spam mail or phishing sites invites cause they use their own personal email that leads to breach their own bank account and even crypto wallet.

I assume that all the email addresses of bounty hunters who participated in the bounty on this forum are already available in such databases of scammers. Therefore, the only correct solution is not to click on links from emails that you received to this address.

[jossiel]

I have witnessed a lot of people complaining how they were hacked due to not activating their 2FAs. It's sad to see them complain although they were warned that it's part of security measures and everyone should apply it.

And at the same time these people use the same device for logging in and 2FA, completely negating the whole purpose of it.

The usage of 2FA for the purpose of using it, is not enough.
You still need to think about the whole purpose of it and how to use it properly i.e. do not use the same device for logging in and generating the 2FA code.

Yes, you're right that the whole purpose of using it must be known by many. But the sad thing is that, many wouldn't dive in to know more about it and at the same time, the application of it should be enforced to them.

They won't use it unless someone educate, notify and remind them that this is important.

I do not object regarding the use of real email since I am also using my real name in my primary email address. I use it because I am currently finding a new job. But I have also other email addresses which I used in signing in. I never used my main account in logging in with other sites because I know that my name is at risk.

This is a safe practice, you should only use your main email account for important matters such as business notifications, opportunities and other important stuffs.