Use These Secret Gmail Addresses To Prevent Hack Attacks — Here’s How
Use these email aliases to protect your Gmail account.
I have written extensively over the years about how threat actors of all types target email accounts in various ways. Everything from dangerous files and stolen passwords, to clever technical security bypasses. When it comes to Gmail, with more than 2 billion users in 2025, it’s a natural magnet for these cybercriminal hackers. Google knows this and is fighting back, with passkey adoption and threat advisories, as well as behind-the-scenes updates. But you can fight back against scammers as well, and one of the best ways is as simple as it is ingenious: use these secret Gmail email addresses. Here’s what you need to know and do.
Fight Scammers Using These Secret Gmail Addresses
Let me start by reiterating what I have already stated, namely that Gmail is not alone in being targeted by email scammers, but given its position as the world’s most popular free email platform, it gets more than its fair share of hacker attention. The secret address trick that I am writing about will work for most email platforms; however, some, such as Proton Mail, for example, have the technology built in. With all that in mind, let’s get onto the meat and potatoes of creating and deploying email aliases in Gmail to help protect your account from attack.
The secret addresses I am talking about here are what are more technically known as email aliases. You can call it what you like, a pseudonym, a false name, nom de guerre, whatever. The primary point is that this email address is a secret known only to you and whoever you give it to as your Gmail address. The secondary point, and here comes the good bit, is that it routes all email sent to it back to your actual Gmail address. Although often recommended as something to be used to prevent spam when signing up for newsletters or website content, I think the real power of the secret Gmail address is in protecting your account from scammers.
How so? Because these account hackers, these scammers, rely upon convincing you that an email is from a genuine brand, vendor, product or service. Even the highly-publiicized AI-powered attacks on Gmail users of late use this brand impersonation to engender trust in the victim. But if you got an email sent to an address that you have only ever used to sign up for a Cosplay newsletter, and it’s informing you that your Google account has been compromised, you aren’t going to take it seriously. At all. Using email aliases will substantially reduce the threat footprint, because the hackers don’t know that’s not your genuine, everyday email address.
How To Deploy Secret Gmail Addresses Right Now
There are many ways to use such email aliases, with Apple users having access to the Hide My Email feature, or even using the old chestnut that is adding a + into the address itself, such as [email protected]. There are two problems here: not everyone is an Apple user, and adding a + to an existing Gmail address does nothing to actually make your address a secret one.
Thankfully, there are solutions that are just as easy to use. I’m going to highlight my favorite here, which is using DuckDuckGo email protection. It’s free to use but does require you to use the DuckDuckGo web browser to set it up. There is no ongoing necessity to use the browser as your default or to use the secret addresses once configured.
Step 1: Download the DuckDuckGo browser and head to Email Protection in the menu.
Start to setup a DuckDuckGo email alias.
Step 2: Choose a name for your Duck Address, this isn’t going to be the secret address you will be using going forward, so it can be easy to recall.
Choose your Duck Address.
Step 3: Make sure your addresses are correct.
Make sure both addresses are correct.
Step 4: Select Generate private Duck address from the email protection menu to create your secret addresses to use.
Create secret email addresses easily.
And that’s it. Just use these addresses every time you need to enter an email address, and you will know where the email is coming from. More importantly, you will know where it has not come from. It isn’t a silver security bullet, because those do not exist. It is, however, another tool to use against scammers who attempt to attack your Gmail account.
Yeah, voter spoken pasta doesn’t look like a real Google support address to me.