Comment by B1FIDO
1 month ago
Well, spam is no big deal, and any scam that comes via email should not affect anyone who is educated and prepared for them.
Of course, with a well-known email address, you could run a higher risk of credential stuffing, and an account takeover by someone who hijacks your email account, and then pivots from there to taking other accounts.
But this seems to be a risk we all take: email addresses are meant to be shared, to be public, and to be well-known to anyone to correspond with us.
I will say that disclosing my email address to certain parties has had noticeable effects. For example, I used "MYADDRESS+Echovita@gmail.com" once, and only once. My godfather had passed away, and I ordered some flowers for his funeral. And I put that order through with that email address.
Well, Echovita themselves had a data breach shortly afterwards, and I was inundated with scam emails. Just all sorts of attackers and they were basically all using the same M.O. But they were readily identifiable because I had used that "+Echovita" to identify it uniquely. And they really haven't stopped coming in. It's been 5 years since that breach.
So yes, especially with untrusted parties, it may help to tag your email address. I don't worry about receiving spam anywhere. But like I said, since I've never ever disclosed the addresses of 2-3 of my "alt accounts" they simply never receive any mail at all, spam or no spam.
Spammers, if minorly sophisticated, can strip those identifiers,
so wildcard mail acceptance on servicename@customdomain.com takes the crown if you’re setting this up fresh!
I did a wildcard acceptance for years, but it doesn’t scale as well something like Apple’s Hide My Email (or other comparable service) - with a catchall you have to then start keeping a blacklist of bad emails, and I started getting spam to generic addresses like info@customdomain.com or admin@customdomain.com - with @icloud.com addresses you can just delete an address and forget about it once it’s burned.