In the news today was this story: Epsilon email hack: millions of customers’ details stolen.
Then in my inbox this morning was a message from TIAA-CREF from which I quote:
“TIAA-CREF has been informed by Epsilon, a vendor we use to send emails, that files containing the first names, last names and email addresses of some TIAA-CREF participants were accessed without authorization.”
Not the first story of its kind, and it won’t be the last. But here is a huge case in point why I don’t use freemail (Yahoo, Google, Hot Mail, etc.) and why you might want to just say NO to freemail.
Let’s say your email, like mine, has been compromised in the Epsilon debacle. And make no mistake folks, these days it’s not a few teenage misfit hackers after your email. It’s organized criminal gangs in some places even scarier than the country where I live, places where for all practical purposes there is no law. They want your email so they can go phishing, trick you and take over your identity, and ultimately steal your money. Talk about invasion of the body snatchers. Space Aliens might be less nasty.
So the bad guys have your email now. What are you gonna do?
If you’ve hopped on the freemail bandwagon you have 2 choices:
- Keep your using your freemail account and deal with the resulting spam and phishing, and hope you don’t make a boo-boo about the latter.
- Back up your freemail address book, close your freemail account, open another freemail account, import your address book, and spam everybody in your address book to tell them you have a new email address and hope they remember to update their address book. Then go to all the places where you have signed up for something or other (you remember ‘am all, right?) and change your email address.
I was originally going to rant about how I don’t use freemail because modern corporate behaviour doesn’t inspire me to trust Megacorp. Inc. with my personal email communications data. Not that there’s anything there I would be mortified about if it showed up on Wikileaks (there’s a hoot!) It’s just the principle of the thing, which I guess I’m cranky enough to care about. But this Epsilon thing points up the real reason why I don’t use freemail and why maybe you ought to think about dumping yours.
An alternative – and it’s cheap front-line defense
Let me give you the example of my Dad. A few years back he was a senior citizen struggling with email stuff. He was inundated with spam and ads, he was having trouble using the web interface, and he was getting no support. Plus he was shelling out $30 a month to AOL for it – not a freemail, but he’d have had similar trouble with something like Yahoo I’m sure. He thought so too, plus he didn’t much like the idea of using freemail. (“There ain’t no free lunch!”)
My Dad simply wasn’t aware there is an alternative: register a domain, host it on a reputable hosting service, and take control of your email and a lot more.
I pointed him to a domain registrar and he registered some .org domain for $10 a year. (Could have got a domain like .info cheaper, but he liked .org.) Then I pointed him to the hosting service I use (shameless self-serving plug below) which cost him $7.77/mo.- $93.24 a year. He called up their free support line and they explained to him how to set up an email mailbox. I showed him Mozilla Thunderbird and how to set it up to use his new email account. He was delighted with that… found it easy to use and much more stable than the AOL client. Then I showed him the trick I’m about to tell you about that could help keep his email secure and make life easy in situations like this Epsilon thing. He set it up, never looked back, and was happy as a clam with it til the day he died. Negligible spam, zero ads, and his overall cost was 1/3 of what he had been shelling out to AOL, and amounted to about 1/4 of his annual cost for 1 zillion TV channels on Dish Network.
So TIAA-CREF just told me my email address has probably been stolen. This doesn’t bother me. But my address has been ripped off and now I’m gonna get spammed and phished right? WRONG.
Before I signed up with TIAA-CREF online, I set up a special email address that I gave only to them. Let’s say firstname.lastname@example.org. It forwarded all emails from them to my “real” email, which I don’t give out. This morning I went back into the control panel and deleted that address. I then set up a new forward, like email@example.com. Then I logged in to my TIAA-CREF account and put that new address in my profile. Now when the body snatchers send email to that stolen address, it will bounce back. But TIAA-CREFF will still be able to contact me. Minimal hassel, and no worries.
I do this with all companies/organizations I do business with ongoing. I also keep a couple of catch-all forwards like firstname.lastname@example.org for use with 1-time purchases or other things I don’t plan a long-term relationship with. If I start getting a lot of spam (which hasn’t happened yet), I’ll just delete them and set up something else for future use. Speaking of spam…
On several forums, I’ve heard a lot of complaints about the spam people get on their freemail. And lack of support. Etc. etc. What do they expect? They help MegaCorp. Inc. reap jillions, they get free email. That’s the deal. Ya want caviare and chilled vodka with that? Another benefit I get for my money: my host is comparatively small, and thus not a major international target for spammers. They have very effective anti-spam in place. On top of that, I can go into my control panel and blacklist anybody who does get spam past the safeguards. I can forward the spam to the provider who will take further measures to prevent the spammer from returning in the same incarnation. In the words of Steely Dan, “it’s cheap, but it’s not free”. Today’s email from TIAA-CREF reminds me it’s worth the cost and the little extra fiddling with email forwards.
And now a shameless self-serving plug!
I got an email this week from my hosting company about a Spring promotion they have going: $3.88/mo. for the first year (it goes to $7.77/mo. after that – still cheap for unlimited storage, unlimited traffic, unlimited email accounts, lots more). Easy, no-gimmicks single plan with everything a lot of people would ever need. Another reason I like them.
If anything I’ve pontificated on so far appeals to you and you decide to Just Say NO to Freemail… if you use these links to sign up with these guys:
… I get a little kickback towards the cost of my hosting, which will help me keep my free MP3 music downloads online and happening.
To be frank, they don’t have the best deal on domains. For just $1.99/mo. (renewal will be $8.99) over at proserverhosting.com you can register a .info domain …all you need if you just want one for personal use for email, and maybe a small personal site. It’s a little more complicated to point a domain registered elsewhere to a hosting account at PowWeb. You might not mind spending a bit more and let them handle everything.
Well, I guess it all comes down to “Ya pays yer money and ya takes yer choice". For my money, I’ll choose registering a domain and subscribing to a good hosting service over ad-plastered MegaCorp freemail any day. Do whatever works for you.
Thanks for listening. Have a nice day. Stay out of jail.