(Credit: Zain bin Awais)
When you order something online, you give up a little privacy. If you don’t supply your street address, the company won’t know where to send it. And you almost certainly provided your email address with the order. Of those bits of information, your email address is more concerning. Sure, the merchant might sell your street address to junk mailers, but sending that junk to your mailbox isn’t free. Sending spam to your email, on the other hand, costs nothing, and the amount of spam you get reflects that fact.
You don’t have to accept loss of privacy as the price of shopping online. You can place online orders, participate in chat rooms, leave comments on posts, and more, all without ever revealing your actual email address. All you need is a temporary email service.
Why Do You Need a Temporary Email Address?
When you have a life online, you use your email address everywhere. Want to read an online magazine? Sure! It’s free! Just sign up with your email. And every secure website requires a password and username, with the latter commonly being your email.
The passwords you store with merchants and forums and such should be secure. In a data breach, passwords typically remain encrypted. However, your email address has no such protection. And even if there’s no breach, nothing is stopping the merchant or site owner from selling a customer list that includes your email.
As noted, when you spread your email address promiscuously around the internet, you’re likely to get a ton of spam. Sure, your email client filters out most of it, but not all. Using temporary email addresses cuts off spammers at the knees and is more effective than filtering out spam after it happens.
There are darker consequences to letting just anybody know your email. Identity thieves often use it to kick-start their hacking efforts. They try to gain access to hundreds of popular websites by combining a list of breached addresses with a dictionary of common passwords. Unlike spammers who broadcast to millions, phishing fraudsters may target you through email, hoping to trick you into clicking a dangerous link.
Temporary email addresses come in several different forms. Some companies refer to them as disposable email addresses or DEAs, while others simply call them email aliases. Some use their own terminology, but they all operate the same way. Here are some examples: Bulc Club has email forwarders; Burner Mail has burner emails; Cloaked has cloaked identities; IronVest has masked emails; and ManyMe has FlyBy addresses. Here, I use email aliases, DEAs, and temporary email addresses interchangeably.
One more thing. You might have learned that most email clients ignore anything after a plus sign in the account name portion. As far as they're concerned, bill_gates+shoes@microsoft.com is no different from bill_gates@microsoft.com. You could theoretically use this fact to define sub-addresses for yourself, even going so far as to have a different one for every merchant. But doing so doesn't hide your actual email since any half-clever hacker knows to strip off the "+shoes" portion. The link between a particular plus-type address and the corresponding merchant exists only in your memory. Trust me, you get a lot more from an actual temporary email service.
How to Create a Temporary Email Address
Now that you know the benefits, let’s discuss the nuts and bolts. The first step is to sign up for the service of your choice and create an account. If you’re new to email aliases, consider trying a free service, such as Bulc Club or ManyMe, or one that offers a free (and possibly limited) tier, such as IronVest or SimpleLogin.
As part of the setup process, you supply your actual email address so the service knows where to forward messages. In most cases, you select a unique identifier that forms part of every DEA you create. This identifier must be unique across the whole user base, just as no two addresses from the same email provider can be the same.
What Do Temporary Email Addresses Look Like?
Regular email addresses tend to have familiar layouts, like isaac.newton@gmail.com or euler2718@hotmail.com. Email aliases have distinct patterns. An email alias will always end in a domain that the service owns. For example, Bulc Club mail forwarders always end in @bulc.club, and ManyMe FlyBys end in @manyme.com. To avoid the possibility of a website blocking the use of email aliases, IronVest maintains about 50 domains for masked emails, doling out a random four to each user. Cloaked rotates through 40 domains for the same reason.
Typically, the account part of an email alias consists of the unique identifier I mentioned combined with either a custom word or a random string of characters. Sometimes, the random part uses words, so it might look like cease.click.trace or midwest_bepinch rather than 309c9025. As with passwords you save in a password manager, you generally don’t have to remember these since the service handles it for you.
How to Use a Temporary Email Address
Now that you understand what a temporary email address looks like, using one is ridiculously simple. When you encounter a website that requires your email address, let your service generate an email alias instead. Most of them offer a browser extension that you can click to create an alias. Some put the offer to protect your actual address right in the email entry field.
A few of these services, notably Bulc Club, ManyMe, and (to an extent) SimpleLogin, take ease of use a step further. They let you create a temporary email address on the fly without even touching your computer or phone. For example, if you’re attending a conference, you might give people you meet an email like myname.dragoncon2025@manyme.com.
OK, you’ve engaged with a merchant or other website using an email alias. What do you have to do to keep in touch? The answer is...nothing. Email from the merchant comes to your normal inbox. When you reply, the merchant sees the reply as coming from the email alias. If you do nothing more, you’ve already protected your real email account from exposure.
Of course, a sleazy merchant could still sell your temporary email to a spam bureau. But if they do, they’re busted. You can tell which connection is to blame based on which email alias gets spam. At that point, you can simply cancel the alias (and find a more trustworthy merchant). Cloaked and ManyMe let you finesse the relationship, for example, by locking an alias to certain senders. Now, you can still converse with the merchant, but any extraneous mail or spam doesn’t reach you.
If you want to take full control of your communication, some services go beyond linking a single real account to multiple aliases. With Burner Mail, IronVest, and SimpleLogin, you can link your temporary emails to different real-world accounts or even have one alias forward to more than one real account.
Protect More Than Your Email
With a temporary email service, you can connect all over the web without risking exposing your email in a breach. You’re cutting down on spam and reducing your vulnerability to identity theft attacks with almost no effort. If you like that idea, consider masking even more of your personal details and check out our guide to staying anonymous online.