Security, Privacy and Email with XYZ

security and privacy are the advantages of Thexyz. Thexyz is an email service company in Canada, which was founded in 27. What are the challenges, what are the differences of XYZ, and what can ordinary e-mail users do to ensure security when checking e-mail? Read our interview with Perry Thun, founder of Thexyz, for more information. Please show our audience that XYZ

XYZ is in its 16th year. At first, it mainly sent e-mails for people, but now it has been transformed into providing domain name registration and websites. We have two websites, Weebly hosting and WordPress hosting. We use cPanel as our host control panel, and now it has a charging setting based on usage, so it is economical and fair for people. With the expansion of business scale, we have made some exciting plans for 222. We have more customers now, so it's just to keep the boat in the direction and float. What changes have taken place since the company was founded? What are the main challenges facing the company?

My challenges are mainly related to anti-abuse and DDoS-related incidents. Especially last year, we had a large mail provider, and some mail providers around the world, such as Protonmail, Runbox and Tutanota, were also targeted by short messages sent by an organization called "cursed patriarch". They demand bitcoin, otherwise they will attack us. They made a little gesture on Sunday night. I was cooking dinner, and a lot of emails came from my mobile phone, and failover began to happen.

then, I saw a failover server shut down and XYZ was shut down several times, which was one of them, about 14 minutes. This is a very high-level DDoS attack. We must provide it with all kinds of protection. We don't pay bitcoin to criminals, so we can weather these storms.

I think it's important for these mail providers to stick together and not pay these fees. About five years ago, there was a story about Protonmail paying a ransom after seven days of attacks, because their service was really painful. After that, the attack increased by three days, so this shows that paying these ransoms is not desirable and does not really help. Thexyz takes privacy and security as its main selling points. Why do you think that large and well-known e-mail services pay less attention to security and protection? Is this related to their desire to sell user data?

Yes. When sharing data with third parties, sharing voluntary data with BigTech will make it difficult to market it as a private service. I think privacy and security are very important and part of our basic human rights.

However, providing such a service is a challenge because it strikes a balance between convenience, ease of use and security. E-mail, in particular, is a very old technology in the internet world, and it is not safe in itself. Making it safe will bring some challenges and make it more complicated to use. We often talk to customers and find a "happy balance". What can ordinary people do to protect themselves when using e-mail?

Two-factor authentication (2FA) helps to ensure login security. Last week, Microsoft discovered a new phishing attack, in which an attacker can access an account that is not enabled with 2FA.

many of these attacks can be mitigated or prevented as long as best practices are adopted. I think it's better to use applications instead of SMS to do 2FA. I think this is a big step to protect your online identity.

I'm also a big fan of online service aliases. Suppose you have received an email for 1 years and it has been used to register different websites. If the database of one of the websites is hacked, your email address can be purchased or downloaded on the dark network together with your password and your date of birth.

hackers use this information to try to log in to other accounts, or set up personal data on you, in an attempt to gain your identity. It's all about the email address. This is your online identity. LinkedIn is a good example: it has been leaked several times, so I provided a special alias (email address) for this service. LinkedIn also sells your email address to anyone who wants to send you spam. I have a special alias, so I collect spam from LinkedIn and can judge when the company sells my information. What is the biggest threat to email account owners today?

I want to say that phishing has greatly increased the complexity of attacks. Just don't click on any links, because you didn't take action on the email, so nothing will happen. I always advise those who are uncertain to do nothing.

recently, I saw a special e-mail. The content in the e-mail was more carefully designed and aimed at the leader of a company. They can even send a legal email in advance to see how they write emails, see signatures and make emails. All these details can be found in phishing emails.

This company is locked by one of them. They can see in the mail that the previous correspondent was them, so they trusted it and demanded to pay hundreds of thousands of dollars. They almost did it, but they decided to ask for help to prove that it was legal. Fortunately, they didn't send it. What are their plans in the near future?

Many people know XYZ of email, so many of our plans revolve around it. We will provide people with more choices to use different email systems and make it easier for them to switch.

We have done a lot of mail migration. Sometimes people are not even XYZ customers, and they will come to us for help to transfer mail from one system to another. Nowadays, many of our customers have switched to Google Workspace and Office365 email system, so we have also started to provide services for them, so that customers can choose to keep their customer identity and change their email to other providers they like.