Those Hotmail and America Online email addresses may seem ancient, making you think about changing to a different and more secure email platform. 

Maybe that old address has become a cesspool for spam, or it’s linked to personal information that’s been leaked and is being flooded with phishing emails.

But changing email addresses might not be necessary. Those older email platforms can offer up the same security as any other platform, cybersecurity experts told ConsumerAffairs. 

It isn’t about the age of the platform, but how the consumer utilizes the available security systems, which may not be the email’s default settings.

Each of the major platforms like Google, Microsoft and Yahoo offer these security options, such as marking and reporting spam emails and phishing attempts. But if you’re put on a mailing list and are having trouble unsubscribing from the list, Gmail users can benefit from using the one-click unsubscribe button. 

It’s just a matter of taking those extra steps, such as enabling multi-factor authentication and passkeys, and not taking the path of “least resistance,” said Michael Daniel, president of Cyber Threat Alliance, in an interview with ConsumerAffairs.

Data breaches affecting more consumers

But if your email has already been exposed on the dark web through a data breach, it is outside the user’s control, said Troy Leach, chief strategy officer at Cloud Security Alliance, in an interview with ConsumerAffairs.

It is why he said that “every consumer has to think of themselves as an individual soldier.”

Leach also advises that consumers use a strong password, use third-party anti-phishing software, limit sensitive emails on older accounts and monitor login history on devices for extra protection.

Have I been Pwned and Databreach.com also allow people to check for free if their email was involved in a data breach or posted on the dark web.

For instance, have you ever received an email or postcard informing you that your information has been compromised as a result of a data breach? Or a phishing email impersonating Paypal or Amazon, notifying you of charges for a device you never purchased?

Your email may be compromised.

There were 3,158 compromises in 2024 with more than 1.3 billion victim notices, according to the Identity Theft Resource Center’s 2024 Data Breach Report, which looks at data breach reports, victim notices and underlying trends.

In 2023, ITRC reported 3,202 compromises with 419 million victim notices.

It was the “mega-breaches" that affected the most consumers with top businesses being Ticketmaster, Change Healthcare, DemandScience by Pure Incubation, AT&T and MC2 Data.

AI as an attacker and defender

Data breaches are not going away. Victims are growing day by day and Artificial Intelligence is only making it worse.

“It will get much worse before it gets better,” Leach said.

No data breach notices were attributed to AI in 2024, according to ITRC’s report, but it has changed the quality of email, texts and website phishing attacks

“The adoption rate has been slower than people thought it would be,” Daniel said. “But, it’s coming.”

Daniel added that scammers’ current phishing attempts may still be yielding desired results, but once they switch to AI, it will have the capacity to “supercharge” phishing scams, deepfakes and more.

Leach points to AI use on the dark web, already writing malware, with bad actors looking for the “right target.” And it’s creating a challenge as the use of malicious malware outpaces the use for the good it can do.

But when using AI for defense purposes, it can help write code to plug potential security holes and offer better analysis of threats, Daniel said.

Leach, who is also on the board of advisors for Scamnetic, an app that uses AI to detect scams, said the hope for the long term is that AI can identify vulnerabilities in emails and text messages, rewrite code to protect and empower consumers.