Welcome back to Trial by Wire! My name is Denton, and today, we're continuing our conversation on the Internet by talking about how to have a conversation on it! This episode will cover one of the oldest forms of Internet communication: the email. By the end of the episode, you should be able to identify how email addresses are used and why you may want to be careful with yours. Let's get started!
"E"-mail stands for electronic mail. Remember how we talked in episode 2 about technology "metaphors" where technology is designed to look like real-life objects. In a lot of ways, email is very similar to that. You receive messages in an "inbox", a virtual mailbox. Every email user has an address, usually formatted as "username"@"location". Location, in this case, is the address of your mail server, or the server that handles sending and receiving email. Think of it like a P.O. box. - you go to a location to retrieve your mail, and your address indicates where that location is. For example, the show's email is trialbywireshow@gmail.com, which means that we use Google's Gmail service as our email provider. Other popular email providers include Yahoo, Outlook, and Proton.
At its core, email is pretty simple. You choose your provider, create an account, and get assigned an email address. From there, you can choose a client to use to access your inbox, whether that's a phone app, a desktop app, or just the website itself. You can send a virtual letter to pretty much anyone that can include text, photos, videos, and links. If you no longer want to keep an email message in your inbox, you can drop it into a virtual trash can. Unlike real mail, though, email providers will filter email messages for you. Emails that you don't want (and sometimes, emails that you do want) will be put by your provider in a "spam" folder so you aren't notified when you receive them and they don't clutter up your inbox. You can also set your own filtering as well; I've configured my work email with a number of filtering rules so hopefully only important email ends up in my main inbox.
If you've been on the Internet for any amount of time, you likely already have an email address. So why am I dedicating an entire episode to talking about it? Remember that under Web 2.0, users can provide content on websites. That content has to be associated with you somehow; otherwise, how is the site supposed to be able to tell what content is yours? Because of this, we have the concept of a "user account" - a representation of a user on a website. Most sites will let you set something called a "username" which identifies your account and a password which ensures that no one else can pretend to be you. Because the site needs a way to contact you in certain circumstances, it will usually also ask for an email address when you create your account. Because both your username and your email uniquely identify you (and to keep you from having to remember multiple things), some sites will just let you use your email as your username.
This is a major reason why emails, old as they are, are still so important in today's Internet. Emails serve as both identifiers for your online accounts and methods of contact for those accounts. If you need to reset your password for an online account, the site will likely reach out to you via email. If a site is updating its Terms and Conditions, the contract which you as a user sign with the site, the site may notify you via email. And, of course, if a site has something it would like to promote, it will probably reach out to you via email. Thankfully, most of those have an unsubscribe button or can be filtered away so you aren't overwhelmed by them.
This importance makes email accounts a tantalizing attack surface for attackers. If someone gets access to your email account, they can do a lot of damage. They can reset your passwords to all of your online accounts to gain access, including banking or medical accounts. They can send messages to others pretending to be you, including coworkers or family members. They can open up new accounts in your name, including on unsavory websites, which could lead to damage to your reputation and unsolicited contacts. The usefulness of an email account makes it dangerous in the wrong hands.
So, how do you properly use and protect your email addresses? Let's talk about it.
First, you'll want to make sure that your email account has a strong, unique password associated with it. Because your email address is so important, you want to minimize the chance that someone can break into it. If your Wayfair and email accounts both use the same password, and Wayfair's password database gets hacked, the hacker can now get access to your email address and many of your other accounts. The Cybersecurity and Infrastructure Security Agency, or CISA, recommends making your passwords at least 16 characters long. If that seems like a lot, use a password manager like we talked about in Episode 4; it'll help you generate a great password and remember it for you. Since your email account is one of your most valuable accounts, you should also look into setting up something called "multi-factor authentication", or MFA. For example, you can set up an "authenticator" app on your phone to generate random codes for you that you have to enter in addition to your password when logging in. This means that someone would have to have both your password *and* your phone, two factors, to get into your account. I'll drop some links from CISA with more information in what's called the "show notes" of the podcast. On both podcasting platforms and YouTube, you should be able to check the description of the individual episode and find these links.
It's also a good idea to have and use multiple email addresses. This seems counterintuitive to our metaphor; you only have one physical address, so why have more than one online address? The problem is that email addresses also identify you. Let's say that your Facebook account, your online banking account, and your Amazon account all use the same email address. If you only have one email address, and a hacker gets ahold of it, they now have access to all of your online accounts. I found a really good article from Tom's Guide.com talking about the dangers of having one username (usually your email address) across your accounts that I'll also link in the show notes. There are other ways to help mitigate this problem, though - Apple introduces a feature in iOS 15 called "Hide my Email" which can generate email addresses for you and send them to websites in place of your actual email address to help hide it. This and other things can help you save actually putting your email address out into the world.
Remember when we talked about phishing scams in episode 4? Emails are rife with phishing scams. If you ever get an unexpected email, especially if it claims to be from an online account, never click on any links in the email. Independently verify the email! You can log into your account and see if there are any notices on there, on your dashboard. You can also contact the website owner using the official contact information from their website. Importantly, don't use any contact information you receive in the email; it might be fake! Phishing emails can come from trusted sources as well, even family and friends if their accounts become compromised, so always verify any links you get before you click them. Even the unsubscribe button on a newsletter you're not expecting could be a trap; feel free to use that delete button or mark it as spam. The same goes for attachments in an email; be careful what you choose to download, because it could be a virus!
Finally, when you're sending email messages, make sure to use proper "netiquette", or net etiquette. Emails are virtual letters, and nobody wants to receive a nasty letter. Try to avoid sending the kind of email that someone would filter into a spam folder or delete. Keep it short and to the point, use proper grammar, and write a good one-line summary of the email in the subject line so the sender knows what it's about before opening it. One interesting generational note is that writing in all caps is interpreted online as yelling, so don't use it in an email unless you're intending to yell (and even then, maybe don't yell in an email). And definitely don't be like 11-year-old Denton and forward every chain email you get. It's not a good look.
Personally, I don't think email will be around forever. As the Internet continues to seek out new ways to increase security and provide advanced identity protection, email addresses are becoming increasingly outdated as identifiers. However, in 2024, we're still using them, and it's important to use them well.
Your homework for this week is to send me an email! You can find me at trialbywireshow@gmail.com. I want to know what you think about the show so far. What kind of topics do you want to hear about? What do you like, and what don't you like? Think about that, and I'll see you next time!
Hey, thanks for listening! Subscribe for more if you like what you heard. If you’re on YouTube, give us a like and a comment, or rate and review us on your favorite podcast feed. It helps out a lot! If you want to talk to us, you can find us on X (formerly known as Twitter) or on Instagram at @trialbywireshow or on Facebook at facebook.com/trialbywirepodcast. You can also send me an email at trialbywireshow@gmail.com. See you soon!