Why you need a new email address in 2025NurPhoto via Getty ImagesRepublished on December 24 as the threats to Googles other key messaging platformRCS are highlighted with the same challenges as Gmail, opening the market for Elon Musks Xmail or something just as disruptive.Your inbox is under attack. The FBI has issued yet another warning ahead of the holidays, highlighting an alarming surge in email and website threats, just as multiple cyber reports claim this is the most dangerous holiday season yet. Even though Google blocks more than 99.9% of spam, phishing and malware in Gmail, its not enough. But now change is on the way. And for Gmails 2.5 billion users, 2025 looks like being the year your email address should finally change.With more than 2.5 billion users, Gmail, the worlds largest email provider, is now deploying ground-breaking AI models [to] significantly strengthen Gmail cyber-defenses, including a new LLM trained on phishing, malware and spam. But as McAfee has just warned, that AI revolution works both ways. As AI continues to mature and become increasingly accessible, cybercriminals are using it to create scams that are more convincing, personalized, and harder to detect.Email remains an appallingly basic technology. Despite all its advances, the core architecture remains the same. Anyone can access anyone elses inbox with just an email address. Those addresses are basically given away for freeharvested, leaked, stored, searchable. This month, Mailmodo says, spam messages [will] account for more than 46.8% of email traffic.This is why enterprises are looking for new solutionsTeams, Slack, even instant messaging platforms. because even with all the advances and the outside sender and untrusted sender warnings, too many emails get through.MORE FOR YOUThe answer is to restore some semblance of address security and not give away real email addresses like confettia situation made worse given email address are often a primary user credential alongside passwords to log into sites and services. Apple has tried to address this with Hide My Email, to keep your personal email address private... you can generate unique, random email addresses that forward to your personal email account, so you dont have to share your real email address when filling out forms or signing up for newsletters on the web, or when sending email.And as I reported in November, Google is developing something similar for Gmail. Discovered by Android Authority in an Android APK teardown, Shielded Email consists of a system to create single-use or limited-use email aliases that will forward messages along to your primary account.This is a major step forwards and you should make use of this when it arrivesas should Apple users now. Just look at one warning issued to marketeers when Hide My Email was released: Now users can create a limitless number of fake addresses they dont even check, dramatically reducing engagement. And, worse still, they can easily deactivate them without affecting their primary email, meaning marketing databases could be full of dead addresses. This is important because a low deliverability rate can affect sender reputation, meaning your carefully crafted campaign ends up in spam.While Google assures that by spotting patterns and responding rapidly, [its Gmail] LLM alone blocks 20% more spam than before and reviews 1,000 times more user-reported spam daily, the threat will get worse again in 2025. McAfee says that AI is giving cybercriminals the ability to easily create more personalized and convincing emails and messages that look like theyre from trusted sources, such as banks, employers, or even family members. They can craft these scams quickly and with precision, making them more difficult to detect and increasing their success rate. As AI tools become more accessible, these types of attacks are expected to grow in sophistication and frequency.Email must changeand not just by improving central screening technologies. We need a radically different approach to include the following:On-device AI to flag spam and malicious email that has made it through central screening to inboxes. Too many emails still make it though, even though the actual email address and the presentational sender address dont match, with the latter a clear impersonation. How is it possible in 2024 that my inbox contains emails from Apple Support or X verification, when the senders have random email addresses such as sayio[at]hosai.co.jp.A better opt-in, known sender solutionmimicking secure messaging. Even the differentiation of trusted and unknown senders is too basic. There needs to be better deployment of AI or an easy-button for user to opt into a trusted discussion and advocate for a sender.Rather than upping the ante centrally, email security needs to do a better front-end (device-side) job. This is where safe browsing and malware defenses are now heading, making use of new device AI processing. Email needs a complete rethink to do the same.When Elon Musk (again) teased that he may launch an Xmail platform to take on Gmail, the blending of email and messaging featured front and center. The sweet spot is the universal compatibility of email without the mess. When one X post suggested that cutdown approach, Musk responded: Thats exactly what we are going to do.But that opt-in or trusted sender filter remains critical, as its that which opens inboxes to the world and sets email apart from closed messaging alternatives.Gmail isnt the only such challenge facing Google users. The other is RCS, which has been making continual headlines this month following an FBI warning for users to stop sending insecure RCS texts between Androids and iPhones. As Android Police asked on Monday, did RCS messaging open up the spam floodgates?RCS is fast becoming a marketing sensation, just as with email the value is that you can access anyone with just their phone numbers. Theres no real universal marketing filter, and because this is a standard cellular protocol, no-one is really running the show, because its a collective. It then falls to the RCS compliant messaging apps to apply a front-end filterjust as with emailwhich should work but doesntyet.Mobile spam has evolved alongside messaging technology, and RCS may have worsened things, Android Police says, and while email scams were cheaper, easier, and more effective than SMS scams in the past, RCS has changed all that now. The answer, the report says, is that RCS spam can't be eliminated. We can only rely on good security and spam filtering. Unfortunately, thats just like email.This is interesting because it provides a timely parallel to email, pitching the standard (SMS/RCS) with its spam and security challenges with newer (albeit not new) alternatives that take control of the end-to-end experience, and provide a simpler, more secure user experience.And the scale of the RCS spam threat is hugethe risk being that it becomes just like email, making the underlying technology almost unusable as a daily messenger. Last month, Juniper Research reported a 50% year-on-year hike. RCS business messaging traffic will reach 50 billion messages globally in 2025; Apples first full year of support for the technology. This represents a single-year growth from 33 billion in 2024.WhatsApp and other over-the-top messengers are not immune from spam, but its significantly less of a problem. And the platforms can easily police whats sent out and by who, and the controls they provide users to filter this out. Moving from SMS/RCS to an over-the-top is exactly the kind of clean start you can attempt with a clean email address. But its much easier.RCS spam can't be eliminated, Android Police says. We can only rely on good security and spam filtering. Recent advancements in deciphering spam through AI have led to improvements, and there is potential for significant spam reduction in the near future. Fine-tuned large language models (LLM), along with natural language processing (NLP), are positioned to surpass current spam detection systems and will make their way to RCS messaging. There's more to RCS chat than E2EE and spam filtering, so seeing how Google and the GSMA tackle this still-growing problem will be interesting. Again, its just like the tinkering approach to spam on Gmail and the other leading platforms, rather than the fundamental rethink needed.And so, when Musk teases the idea of a new platform that zeroes out the slow evolution to the mess we have today with something that can start with privacy and usability and simplicity in mind, its interesting. In reality we don t need something this drastic, and the transition would be woefully complex.In the meantime, take control. Yes, you need to use Hide My Email or Gmails new Shielded Email as soon as its available to create new addresses. But if you have an email address that has been around for years, then it has become a honey trap for spam and worse. Its time for something new, a primary email address you will better protect through multiple throw-away, masked addresses, without giving that primary address away. You can slowly migrate from one account to the other, and in the meantime use folders, rules and forwarding to capture emails to your old address.Using new email masking technologies is undermined if the primary address they link to has already been extensively harvested, sold and leaked. With 2025 just days away and threats surging, perhaps make email housekeeping one of your New Year resolutions and think about the risks associated with the addresses youre using now.