In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email addresses. This stolen information can be used for phishing attacks, identity fraud, and other malicious activities.
The Red Flags
If you’ve noticed trouble logging into your email or unusual activity within your account, your email address may have been compromised. While services like Norton and Have I Been Pwned allow users to check if their email has been part of a breach, these tools don’t guarantee complete security. While some compromised email addresses may remain dormant, others are exploited for harmful purposes, making vigilance essential.
Susceptible Names and Providers
To unpack the trends regarding the most vulnerable names and email providers in breach databases, Mailsuite released its latest report, which revealed that “Bob” is the most vulnerable male name, with an average of 180 breaches per email address. “John” followed closely with 175.1 breaches. Even the 20th most vulnerable male name, “George,” had over 100 breaches on average. For female names, “Maria” led the list, though with significantly fewer breaches than “Bob.”
The report analyzed 18,000 email addresses generated from common first and last names combined with leading email providers. These addresses were cross-referenced with breach data from Have I Been Pwned to identify trends in vulnerability.
Putting a Target on Your Back
These findings suggest that while including your real name in your professional email might be convenient, it also makes it easier for attackers to target you. Experts recommend using multiple email addresses for different purposes to mitigate risks.
Surnames from various cultural backgrounds also showed vulnerability. “Ali” was the most compromised, with significantly more breaches than other common surnames. The wide range of surnames highlights the widespread nature of these threats.
When it came to email providers, Gmail was the most frequently breached, followed by Yahoo and Hotmail. This isn’t necessarily an indication of these companies’ security weaknesses but may reflect their large user bases and the overlap between their users and breached organizations.
Protecting Your Digital Identity
Given that 91% of all cyberattacks begin with phishing, the report said it is crucial to remain vigilant about your digital security. Experts recommend using security software, maintaining multiple email addresses, and varying passwords across different platforms. Regularly checking breach reports and updating security measures can help mitigate risks if your email address is compromised.
The Methodology
For the report, Mailsuite built a seed list of the most common first and last names in the United States from Name Census, including:
- The 500 most common (by count) male and female names
- the 1,000 most common last names
Then they created a list of email addresses by combining the names and email provider/providers. They used seven email providers, gmail, hotmail, outlook, iCloud, mail, yahoo, and gmx. Mailsuite ran the 18,000 generated email addresses through the email breach database Have I Been Pwned and recorded the number of breaches each address appeared in.
To rank the names, the team calculated the average number of email breaches per name across the providers. To rank email providers, they calculated the average number of email breaches per email provider across the names.
To read the full report, click here.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.