Your email address is a precious commodity for hackers — and here's why

Yahoo Life is committed to finding you the best products at the best prices. Some of the products written about here are offered in affiliation with Yahoo. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.

Concerned black woman looking at computer screen with furrowed brow, possibly after having been hacked.
What can hackers do with my email address? A lot. Here's how to protect your identity(Photo: Getty) (Delmaine Donson via Getty Images)


If you’re like most people, you’ve had the same email address for ages and everyone knows it. You probably use your email for everything from newsletter subscriptions to social media log-ins without giving it a second thought. After all, it’s just your email address, right?

It’s not that simple. Your email address is actually a precious commodity for hackers because it’s essentially “a tile to the mosaic of your life,” says Adam Levin, cyber security expert and founder of CyberScout. And it’s a big tile, because once a scammer connects your email address to your name, the rest of the mosaic can materialize, and that could include your social security number, driver’s license and other identity-theft ammo.

One of the best weapons against identity theft is a software like LastPass Premium. Read on to find out how else you can protect your identity.

Try LastPass Premium risk-free* for 30 days

How does a scammer use your email address against you?

Email theft is a common occurrence — 1.68 billion email credentials were stolen in 2018 alone, according to the Identity Theft Resource Center — and it can have far-reaching repercussions. Think of how often you use your email address as a username for online log-ins, for instance. “Hackers who want to break into your online accounts now have 50 percent of the puzzle,” says Levin.

Once your email address is on a scammer’s radar, it’s game on. In a laser-focused attempt to learn your online passwords, they can delve into your personal information or even fire off well-disguised phishing emails to get you to disclose the passwords yourself. And if a hacker is able to break into your actual email account, they can start accessing all of your associated accounts and even lock you out while they’re busy doing damage.

The damage can extend even beyond you. “With the password of the main email, hackers can impersonate the [owner], send emails to their contact list or send private messages through social networks,” Rafael Lourenco, executive vice president of fraud-prevention organization ClearSale, tells Yahoo Life. “The attacker can spread viruses...They may have access to your physical address, phone numbers, purchase history, workplaces, etc.”

Levin calls this pandemic-like phenomenon “the digital equivalent of a super spreader.”

Your first line of defense

Worried displeased businessman reading bad news on his laptop computer while sitting at desk with a cup of coffee and digital tablet in the living room.
Make your passwords impossible for hackers to guess by using LastPass Premium. (Photo: Getty) (Tijana Simic via Getty Images)

The good news is there are things you can do right now to help prevent such a nightmare from ever happening. One is to make your passwords impossible to guess and to change them regularly. But who has time to constantly update passwords manually across all their online accounts? The solution is simple: delegate the job to LastPass Premium, an online password manager that puts the process on autopilot.

LastPass Premium is a secret weapon that runs quietly in the background to help keep your identity shielded at all times. The software creates “long and strong” passwords, which the FTC says are crucial to your online security, for every single account you’re signed up to. And that includes your precious email account, but it also includes credit cards, online banking, streaming services and any account that retains your payment information. After all, your money is one of the primary “prizes” that hackers are vying for.

One LastPass Premium subscription can hold an unlimited amount of passwords — and that includes the password to your work email, which has become a hot-button issue as so many of us have been working from home. The software stores the entire inventory of passwords securely across all of your devices, and automatically logs you in everywhere as soon as you prompt it to.

Try LastPass Premium risk-free* for 30 days

What else you can do to prevent email theft

Concerned young hispanic lady looking on smartphone screen having finance savings stolen from bank card as money fraud result. Upset nervous latin woman become online scammers victim
Two-factor authentication and face identification can keep your email account extra secure. (Photo: Getty) (fizkes via Getty Images)

Once you have password management on lock, make sure to enable multi-factor authentication wherever possible to really double down on account security; most email services provide this added layer. Levin also recommends signing up for a dark web monitoring service, which he calls an essential component of guarding your identity.

Credit reporting sites like MyFico and Credit Karma as well as many credit card companies offer dark web monitoring, which alerts you as soon as it detects that your name or email are in use by threat actors, so you can change your passwords immediately and dig deeper for any suspicious activity on your accounts.

At the end of the day, Levin emphasizes that keeping your email account and your personal identity safe comes down to respecting what he calls “the three Ms: minimize your risk of exposure, monitor activity related to your identity, and manage the damage,” if it comes to that. Do it for yourself, and do it for the network of people you’re connected to.

“You’ve got what hackers want, and it may not only be you,” warns Levin. “You may be the tributary to an even larger river.”

Try LastPass Premium risk-free* for 30 days