STRONGSVILLE, Ohio — Many of us have several email accounts that we might use for different things, like work or personal business – and then there’s the accounts you haven’t used for years.
Experts say keeping those around and not monitoring them could pose a huge security risk.
“Its almost like the cornerstone of your whole digital life,” Alex Hamerstone, the Practice Lead for Governance, Risk Management, and Compliance at TrustedSec, an information security consulting team based in Strongsville, said.
“Because all of your banking information or whatever other accounts you have, whether its retailing or Amazon or whatever, usually use your email address.”
Hamerstone says older ones are especially at risk and you’re less likely to notice any unusual activity on those accounts because you don’t regularly use them.
“And these old email accounts we don’t even think about. It's something from the past, even if it's an old social media account or MySpace or who knows what it is. When was the last time you thought about any of that?” Hamerstone said.
If a hacker gains access to any of your old email accounts, they could of course use it to send emails to other people in hopes of getting information from them.
But the biggest risk is when that old account is tied to your current ones and hackers gain access to those, so its important to take action now before that happens.
“So if you’re able to get their username and password off one site, they may be a much easier target. You can oftentimes take those usernames and passwords and try them at banks, or try them at more important places and you’ll get right in,” Hamerstone said.
“You have to figure out which ones you had, I mean, that’s probably half the battle," he said.
And once you do that, determine what you want to do with them.
The best thing is probably to just delete those old accounts and be done with them, but if you want to keep them around, add an extra layer of security.
“Even some of these older email services now offer multi-factor authentication, so you can set it up and tie it to you cell phones so if someone wants to log in from an unrecognized computer, then it will send you a text message and you have to approve it or enter a code,” Hamerstone said.
Experts also suggest that when you make new passwords don’t reuse them from site to site.