PRODUCTIVITY: Using GMAIL to avoid phishing

GMAIL has an interesting plus feature. If you think of email address syntax as user@provider.xxx, then you can put anything you want after a plus sign. So it’s user+string@gmail.com. You can use that feature to protect yourself from phishing attacks.

For example, create a random string for your “Mammoth Big Bank” bank (e.g., D3BCA3846CB5). Assume your email id is user@gmail.com. Then you tell your bank that your email address is user+D3BCA3846CB5@gmail.com! Anything purportedly coming from Mammoth Big Bank has to come with your secret code or you’ll ignore it. You can trash anything coming from Mammoth Big Bank that does NOT have your secret code.

If you’re like me and have lots of dedicated email address, then you can actually set a GMAIL label and filter to discard email that doesn’t authenticate with the secret code.

It’s simple and easy to protect against phishing.

Just don’t forget the D3BCA3846CB5! ;-)

Please leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s