By Praveen Kannan and Anna Strokolyst The Hotspot Shield team believes the internet should be open and secure …
There are several free email options, but most people choose Gmail, Yahoo! or Hotmail. Google Gmail is the leading free platform with 425 million users. Gmail users are targeted by spammers and email collectors and even hackers who want to send email to a user’s contact list.
Gmail has several integrated features including G+. Because of G+ and Gmail’s broad reach, it’s no surprise that these two platforms have become a breeding ground for advertisers. Before you think your private information is safe, two privacy concerns have surfaced that you should be aware of:
1. Users (including advertisers) are able to send email to your Gmail account without ever knowing your email address.
2. Google scans email content to display ads in your Gmail account
G+ and Gmail Integration
Social networks by definition are not private, because the point of using a social networking platform is to display your personal information to whoever has access to your profile. With platforms such as Facebook, interaction is completely through the Facebook web application and your information is only available if you enter it.
With G+ and Gmail, these two services are tied into one Google account. Google used to keep each service separate, but your Google services are now under one account umbrella. Not only is your email linked to your G+ account, but any Google service you use is linked to one email account.
If you’ve never used G+, it’s a spin on popular social media networks. Instead of “friending” someone, you “circle” people. Anyone can add you to their circles, but you must circle that person in return to share private posts. With G+, anyone who finds you can circle you and share information with you.
At the surface level, it seems innocent enough. Your email address isn’t visible to anyone even if they circle you. You can also circle people, and they will not be able to view your private email unless you message them through the G+ system.
The problem comes when a user wants to send you a message. G+ lets you send private messages to anyone. You can also send group messages to people you’ve circled. This means that advertisers can send messages to hundreds of users they’ve found on G+.
Before you decide to send a message in return such as asking the advertiser to remove you, think again. Once you reply, the advertiser has your email address. This means that your email address could get added to the advertiser’s mailing lists. A common way for spammers to make money is selling email lists, so not only do you receive email from the original sender, but your sold email address can be used by any number of spammers.
To add to the security issues, if the email list vendor gets hacked, it’s possible that the hacker can gain access to your email account. If the hacker is able to associate stolen data with your email address and password, the hacker can use the information to hack your personal accounts. For this reason, it’s important to keep different passwords for different types of accounts. For instance, don’t ever use the same password for your banking credentials as you use for email accounts.
Luckily, Google is rolling out some changes for G+, and one of those changes is the ability to turn off unsolicited G+ email. When they roll out the changes, you will have the option to filter out private messages from people you haven’t circled.
Google, Ads and Your Private Email
With email being an integral part of people’s lives, you need to protect its user name and password and the content. If you’ve ever noticed ads in your Gmail account, it’s Google’s Adsense. Adsense is an advertising platform for publishers. Google includes a scanning program that allows the search engine to read your email. The algorithm reads your email and determines the ads that show up in your Gmail. For instance, if you’re having a conversation about red widgets, Gmail will display ads that target red widgets.
Targeted ads are good for advertisers, but what does it mean for your privacy? Google’s algorithms have always been top secret, but it has been reported that Google is scanning your email and selling email addresses to advertisers. Google has even gone to court to defend the company’s right to scan emails to display ads that target your private messages.
While this issue might not seem important to some people, the issue is that your privacy is being invaded. There are no safety checks that protect your information from being stored and reused by Google’s advertisers.
The issue of privacy should be important to anyone. Reading emails means any type of email is scanned including private emails to your family or emails that discuss financial or medical information.
One way to avoid the email advertising scans is to open your Gmail from your mobile device. Gmail ads do not display on a mobile device such as an iPhone. When you download your email, it’s downloaded on a special Gmail connection that does not include ads.
Another way to avoid the issue is to automatically forward your Gmail to another email account. Gmail allows you to forward all mail to another personal domain account. Just make sure you forward to an email account you use to download email on a separate email client such as Outlook or Thunderbird.
With privacy being an issue, never send any personal information such as user names and passwords using email. Not only is this a dangerous way to share credentials, but it gives your information to hackers if they are able to gain access to your email.
Before you jump to another service provider, remember that Yahoo! email was hacked and accounts and passwords were shared in plain text in 2012. The issue is not the platform. The issue is instead the security of the platform.
The best way to avoid the privacy concerns is to use email accounts with your own domain. A domain costs approximately $20. With a domain, you can purchase email service for only a few dollars a month. The result is your own private email without the ads or the scanners.
For G+, while you wait for the privacy updates, never reply to any email if you don’t recognize the sender.