Comment by B1FIDO
15 hours ago
Well, spam is no big deal, and any scam that comes via email should not affect anyone who is educated and prepared for them.
Of course, with a well-known email address, you could run a higher risk of credential stuffing, and an account takeover by someone who hijacks your email account, and then pivots from there to taking other accounts.
But this seems to be a risk we all take: email addresses are meant to be shared, to be public, and to be well-known to anyone to correspond with us.
I will say that disclosing my email address to certain parties has had noticeable effects. For example, I used "MYADDRESS+Echovita@gmail.com" once, and only once. My godfather had passed away, and I ordered some flowers for his funeral. And I put that order through with that email address.
Well, Echovita themselves had a data breach shortly afterwards, and I was inundated with scam emails. Just all sorts of attackers and they were basically all using the same M.O. But they were readily identifiable because I had used that "+Echovita" to identify it uniquely. And they really haven't stopped coming in. It's been 5 years since that breach.
So yes, especially with untrusted parties, it may help to tag your email address. I don't worry about receiving spam anywhere. But like I said, since I've never ever disclosed the addresses of 2-3 of my "alt accounts" they simply never receive any mail at all, spam or no spam.
Spammers, if minorly sophisticated, can strip those identifiers,
so wildcard mail acceptance on servicename@customdomain.com takes the crown if you’re setting this up fresh!
I did a wildcard acceptance for years, but it doesn’t scale as well something like Apple’s Hide My Email (or other comparable service) - with a catchall you have to then start keeping a blacklist of bad emails, and I started getting spam to generic addresses like info@customdomain.com or admin@customdomain.com - with @icloud.com addresses you can just delete an address and forget about it once it’s burned.