Email masking with Firefox Relay

With cybercrime on the rise, precautions like email masking are needed. Firefox's Relay makes it easier to protect your data.
30 March 2023
Getting your Trinity Audio player ready...

Email masking might once have seemed akin to wearing a tinfoil hat, but according to the FBI, phishing has been the dominant type of cybercrime since the COVID-19 pandemic.  For individuals as well as businesses, protecting private data is not only crucial but also increasingly complex.

As if keeping track of the different passwords necessary for keeping accounts on different platforms safe, it’s increasingly necessary to change up the email addresses you or your organization use.

As part of a more extensive data masking process necessary to businesses, email masking can protect against several risks:

  • Identity theft: cybercriminals with access to a genuine email address can emulate it closely, making it seem as though a malicious email has come from your account, or signing your company up to unwanted subscriptions.
  • Information breach: if a hacker gets access to a masked email, it is useless and can’t be used to access further information.
  • Spam and phishing: if one site gets compromised, it won’t risk other sites or associated accounts if sign-up used a masked email. Also, spam can be traced easily to the source — because each email mask is unique — and the specific account receiving spam can be deleted.

An easy way for businesses to use email masking is through offerings such as Firefox Relay. According to the site, Relay “protects your identity and your inbox with unique email masks.” For free, you can use up to five aliases, add Relay as a browser extension, and remove email trackers.

The paid version, Relay Premium, offers a unique relay email domain, so that the root of all your masked emails is the same, and thus easy to follow, e.g for shopping or for restaurant bookings.

You can also generate unlimited email masks with the Premium tier, which at a starting cost of $0.99 a month is a no-brainer for businesses and individuals that are conscious of data protection.

There’s an easy toggle menu that means you can specify which emails get forwarded to your real email. For example, shipping information is received but Firefox Relay will delete any promotional correspondence.

It’s very similar to Apple’s Hide My Email feature, which also creates unique email addresses to use with apps and websites so, again, your personal email stays private. The email addresses that it generates are randomized and each fully unique.

If you create an account with any app or website that allows Sign in with Apple, the option to use Hide my Email is now included. It means that the platform with which you created the account can only contact you at the random address. However, a mass of completely random email masks is hard to keep track of.

Although Apple devices can remember your login, the solution isn’t ideal for businesses where multiple people might need access to the same subscription login information. If you forgot the mask used for a specific site, you’d have to use the Apple device on which you created the account to recover the login details.

Firefox Relay is perhaps a better choice for groups and companies because of the centralized dashboard where users can view all of the accounts that Relay has created. Alternatively, open-source offerings such as KeePass and BitWarden function as an extra-step auto-fill password helper. Each will also autogenerate complex passwords and remember them for the user.

Full email inboxes have long been known to cause missed communications and are behind the GTD (gettingthings done) ideal of a zero inbox. However, keeping an inbox clear, when so many different logins are needed nowadays, can encourage users to use the same email and password for every service — cybersecurity’s very own definition of bad practice.

Further, our increasing dependence on the cloud, and remote access to potentially sensitive data means that security is crucial to businesses and their customers. Forgetting the associated costs, having to explain a leak of customer data is down to repeated use of an email and password is likely to be humiliating; email masking will soon be as commonsense as not using the same password twice.