Zombie accounts - Click and Protect

If you’ve been using the internet for any length of time, you’ve probably set up online accounts with a lot of different organisations. Maybe to make a purchase, sign up for a free trial of a product or service, or to download something you wanted to read.

Most of us fail to close these accounts later. Perhaps we plan to come back later to make a second purchase, or to have another look, but never get around to it. Usually that account is just left forgotten and unused.

This is a potential problem, because people often use weak or duplicate passwords for what they see as ‘throwaway’ accounts, being in a hurry to get to the goodies. And an email address + password pair, once stolen by criminals, can be used to try to gain access to your other, perhaps more sensitive, accounts using that pair.

Some companies do a good job of closing unused – or zombie – accounts these days. They send reminders that they’ll close the account on a certain date if you don’t at least log in, giving you the chance to revive it if you want it. Other companies, though, make it really difficult to delete an account once it’s been opened, and by the time you find that out, it’s too late.

What can you do about zombie accounts?

When setting up accounts online in the future, for whatever reason, consider:

Hiding your email address by using a temporary email address or by setting up new email addresses and using them for different purposes
Always using a strong and unique password. You may need to use a password manager if you have hundreds to remember, but don’t forget that you should be able to enter a reset-password loop if you need to
Never saving your credit card information in that account; always enter it yourself when making a purchase, or use a payment service that conceals your credit card information from the seller
Setting up multifactor authentication for that account if at all possible
Keeping your business accounts away from your personal accounts
Making a note to delete that account at a future date. Put a date on it, and follow up. If you decide the account is useful to you, keep it; otherwise clean it up.

And if you suspect you have unused accounts out there, maybe set aside some time to go through your old emails to try and track them down and remove them. If deleting the account seems to be impossible, change the password to make it as strong as possible.

For cyber security help for your business, contact the Click and Protect team on 0113 733 6230 or via this form.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Zombie accounts might come back to bite you

What can you do about zombie accounts?

You might also be interested in: