The easy way is the wrong way.
From time to time, I get emails like this one:
Hello everyone,
Just letting you know we have changed our email address to {email address removed}.
Our old address, {email address removed}, was compromised. Please delete it.
We will stop using our old address immediately.
Thanks,
{name removed}
{new email address removed}
On one hand, this is an easy way to let your friends and family know that your email address has changed.
On the other hand, there are serious drawbacks to this approach. Let’s review the most common and what you should do instead.
Changing your email address
Emailing everyone about your new address seems easy, but you risk exposing contacts, wasting effort, and being ignored by companies and mailing lists. Instead, tell friends privately (using BCC) and change your email directly in each online account. It’s slower, but it works.
Problem #1: CCing everyone
You can’t see it in my example above, but the individual who sent that message included all the recipients on the CC line… all 68 of them.
Honestly, I’m surprised their email provider allowed them to do that.
Not only will the message be difficult to read in some email clients (long lists of email addresses sometimes take up a majority of the space above the message itself), but the sender exposed everyone’s email address to everyone else, whether or not they were okay with that.
Email addresses are funny things. While many people think them unimportant, to others, giving out someone’s email address without permission is an inconsiderate breach of privacy.
Problem #2: Using this for companies
Since I could see them all, I reviewed the list of additional recipients. I saw many email addresses for companies that this person had done business with, including major drugstore chains, bookstores, and more. That may not be information this person wanted to expose to everyone.
The good news is that companies don’t pay attention to this kind of email. They don’t have time to handle individual email address changes this way. They won’t see the lengthy list of CC’ed email addresses.
The bad news is that companies don’t pay attention to this kind of email. They don’t have time to handle individual email address changes in this manner. The email was probably ignored completely. More importantly, your email address with that company will not be changed.
There could be more bad news. A less-than-honest company could pay just enough attention to harvest the email addresses from the CC line and start spamming all your friends.
But they still won’t change your email address.
Problem #3: Using this for mailing lists
I got this email because this person subscribes to one or more of my mailing lists.
Once again, just sending email to the mailing list owner isn’t the way to change your email address. I have perhaps a dozen different lists across three different providers. I don’t even know which list that email address is on.
Somewhat ironically, several of the addresses on the CC line were “do not reply” email addresses. Sending a reply to a “do not reply” email address is pointless for obvious reasons.
The solution: Take the time to do it right
Changing your email address with all the organizations, accounts, lists, and people you communicate with takes time. That’s one reason that changing an email address can be painful.
But the steps are pretty simple.
For real people
Send that email as above, but:
- Send it only to actual people, meaning friends, family members, and other individuals.
- Use BCC to hide everyone’s email addresses from each other.
For online accounts
Log in to your account at each of those services and change your email address yourself.
If you no longer have access to an old email address associated with the account, or you’ve lost your password, look up the customer support options and follow those. Do not just send email to a random email address and expect results; you won’t get any.
For mailing lists
Check the most recent email you received from that list for instructions on how to change your email address, and change your email address yourself.
If there are no instructions, find the site or service where you signed up in the first place for instructions. Only if you can’t find instructions to change your email address yourself should you then look for support options relating to that mailing list to ask for help. (Here’s one example.)
Do this
Just sending out an email blast to everyone you can think of won’t work. Instead, tell your friends, and change your email address yourself everywhere else.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I received one of those emails that had been forwarded numerous times and had many email addresses showing. Just for fun, I salvaged all addresses I could and got more than 250. Some people just don’t listen to instructions or just don’t care.
By including a business like Amazon you are telling the world you have an account with them and the email address. A gift to hackers……
Others’ inappropriate use of the CC function in email is one of my pet peeves. I’ve posted a link to this article on my Facebook page in the hope at least one person will change their ways as a result. I think I’ll tweet it, as well. Thanks for this post. It gives me somewhere to send people.
Email programs probably should make it a bit harder to CC than to BCC, or at least ask if the sender who does, perhaps robotically, CC, actually wants the recipients all seeing each others addresses and reminding them that it could possibly be a security issue for others and even themselves.
Exactly, I totally agree with you. Also the Bcc function is often hidden away and difficult to engage. I think there is very little attention paid to the Email function in the computer world. In most computer managers minds, along with their programmers, performing email function upgrades is a useless and boring endeavour without any jazz or “fame” associated with it.
Exactly, I totally agree with you. Also the Bcc function is often hidden away and difficult to engage. I think there is very little attention paid to the Email function in the computer world. In most computer managers minds, along with their programmers, performing email function upgrades is a useless and boring endeavour without any jazz or “fame” associated with it.
And there’s another couple of reasons it may not work (as if any more reasons were needed):
Long CC: lists can cause an email to be rejected as spam, without notice depending on the intervening mail servers
Email is not a foolproof delivery system – emails can get lost, delayed, be diverted into junk folders, etc, etc. Never believe an email is delivered until the recipient confirms it. (I send out Purchase Orders for our company by email – about 5 % have to be repeated for various reasons. Some I believe are received and simply lost in busy inboxes). Oh, and ticking “Request Delivery or Read Receipt” doesn’t necessarily give any peace of mind. Some people don’t allow responses to be sent, some servers block the requests as a matter of course.
recently I switch from Comcast to verizon,comcast blocked my email as the email address was through them ,since I was with Comcast for more than 15 years ,lot of my friend and other can not be contacted through my new email,how can I restore my previous email,please help me thanks
You’d have to contact Comcast and see if they have an option to use a Comcast email address (probably a for pay account) without being a Comcast customer. That’s one good reason to use email services like GMail, Yahoo mail or Outlook.com or even better your own domain.
I’m in the process of setting up my own domain and transferring everything important to it. And, yes, I did already know to use BCC in the notifications.
In 2016, it’s nearly unbelievable anyone could be foolish, careless, or indifferent enough not to take the time to learn the difference between Cc and Bcc. Leo is absolutely right by saying including someone’s email address on mass-forwarded email is a breach of privacy. It is a SERIOUS breach of privacy and consequently a show of disrespect.
There are people, many of them elderly, for whom even being online at all is a major cognitive challenge. I’m not saying that they’re stupid. They mostly aren’t. (My mother and stepmother are two such.) But the online world is so different from anything they’ve ever dealt with before that they’re like fish out of water. Subtle points like this issue aren’t going to come quickly or naturally to them.
Leo, you wrote:
“For online accounts, log in to your account at those services and change your email address yourself. If you no longer have access to an old email address associated with the account, or you’ve lost your password, look up your customer support options and follow those.”
Leo, “[no] longer [having] access to an old email address associated with the account” is usually not an issue, since in the vast majority of cases the E-Mail address is being used as a username, not as an E-Mail address proper, so logging in with that address in order to change it should pose no problem, unless the service requires verification from that address. (This is, of course, exactly and precisely what alternate, secondary, or “recovery” E-Mail addresses are for.)
Even though web accounts use your email address mainly as usernames, they also function as recovery addresses. You need to have a currently accessible email address for them to send you a password reset link or code or for other recovery functions.
If you no longer have access to the recovery email account or phone number, your account is lost forever. It’s important to always keep these up to date on your account.
https://askleo.com/a-one-step-way-to-lose-your-account-forever/
On a separate note, I am dumbfounded that people are so dense as to use “CC:” instead of ” BCC:”. It wouldn’t even occur to me to use “CC:” for such a purpose! Do people even think?!?
I’m currently in this process of switching emails and I can see it’s going to be a long process. Some accounts won’t let me change email address; I suspect they use the email address as the key field to identify the account. I’d have to make a new account, or keep using the old email if I want to keep any history/points whatever associated with that account.
Also some contacts keep using the old address because it is what comes up in their contacts for you in their email account. Thunderbird tip: If you have both email accounts in Thunderbird, you can change the email to the new address in the FROM line when you reply to someone who used your old . Then if they reply again it will go to your new address, and hopefully over time their email client will pick up on that – I hope.
“I suspect they use the email address as the key field to identify the account.” – That might be true up to a point. For those companies/businesses, log into the website of the company and check your “profile”. Sometimes there will be a field for an email address the company uses to contact you. That email address can be different than your old email address. The old email address might be used only as your UserID to give you access to their website.
In some cases, you may be able to keep your old address and automatically forward it to your new address. This would work, for example, if you were changing from one gmail address to another. Is there any downside to doing this?
I changed from the gmail account that I’d used for maybe 10 years to a high security email provider. Besides notifying my usual correspondents (via BCC) and changing the address in all the businesses I could think of or could find in my password manager, I also set up a universal forward (forward everything) in my gmail account pointing to the new address. That way, if I receive an email in my new account that was forwarded from gmail it’s a flag to me to notify that person or business of the new address. Over time, and it took almost a year to be certain I had all of them, everybody gets notified and I can delete the old gmail address. Of course this only works if you still have access to the old account and the old account has the option to forward emails.
Believe me, a new email address is going to be the biggest mistake you have made lately! It is more of a hassle than it is worth. That is, unless it is a MUST. If you must, go ahead, but be prepared for a monster headache for at least the next year……or more!
When I first started using email, I used my address provided by my ISP. A few years later, I changed ISPs, and discovered how much effort goes into that process. Since I had an outlook and a gmail account by the time I changed ISPs again, that time I changed my email address to one of them, gmail for friends, family, and other non-business related contacts, such as any GNU/Linux related accounts I had, and outlook for any business related correspondence I had to engage in. That was the last time I’ve had to change my email address, so I’ll probably keep those two addresses for life.
The next major change I want to make is to set up a Google Voice phone number on my smartphone as a secondary number so I can use it for recovery purposes with all my accounts. Once I have that completed, I’ll never have to go through what I had to when I got a new phone, but wasn’t able to keep my old number (I had to go to the hospital shortly after getting the new phone, and by the time I was discharged, it was too late to recover my old number). By using a Google Voice phone number, when I have to get a new phone again, all I’ll have to do is remove my old phone from Google voice, and add my new phone to it.
Finally, since I now use 1password as my password vault, I’ve recently learned that it also provides TOTP functionality for accounts that support/offer 2FA. By switching all my 2FA enabled accounts to 1password, I’ll be able to get rid of my Microsoft Authenticator app from my phone, and removing another road block for dropping Windows and my Microsoft account when/if I decide to make that change. My entire objective here is to eliminate my dependence on any specific device or organization as much as possible.
Ernie
When I first started with the Internet, for a year, I would get free Internet by using the free diskettes in the free magazines all over town. I only emailed about half a dozen people, so informing them of the change was easy. When I started paying, I worried that if I had to change ISPs, it would be a real mess. Then I saw an add for free email for life from Yahoo. I still have that address and use it for mailing list subscriptions and account recovery.
I had a Yahoo account for a very long time, too … until their huge security breach became public knowledge. At that point I followed the general consensus, and deleted my account. Today, I might handle things differently. Security breaches then were far less common, and I hadn’t learned as much about dealing with them then, as I have since …
Ernie
I kept is as my throwaway address for newsletters. I even got a couple of emails from old friends to that address as late as ten years after I stopped using it as my main address..