Are Virtual Mailboxes Safe From Identity Theft?

person in taipei city, taiwan
Theodore
Travel Writer
Virtual Mailbox Guides

Last Updated:

Published:

I may make commissions from purchases made through links. Read here for more information. And as an Amazon Associate I earn from qualifying purchases.

Virtual mailboxes are safe depending on the service used.

As someone who has experimented with various virtual mailboxes, I’ve wondered if they’re safe. That led me to write this guide to help you determine whether they’re worth getting.

Summary

In short, virtual mailboxes are secure depending on what sort of service you use. If you use a virtual mailing provider that uses third-party CRMAs, your mail may be less secure. However, you will need dive deeper into what makes a service secure before choosing your provider.

First, Learn About Commercial Mail Receiving Agencies

Otherwise known as CMRAs, receive mailing items from the Postal Service on behalf of third parties like virtual mail service providers. These services collect your mailing items, scan them, and handle your mail.

Sometimes, virtual mailbox services will use third-party providers to give the service more addresses to handle. While other times the provider will only maintain one address, which is at a facility they have complete control over.

How Secure Are Commercial Mail Receiving Agencies?

When registering to become a CMRA, they must provide two forms of identification and fill out PS Form 1583 to receive your mail. 

The security of each CMRA differs. For example, on a virtual address provider’s website, they’ll usually tout the security measures they have in place at their facilities. However, the same doesn’t go for third-party providers.

You’ll need to contact your provider to ask them what security measures their outsourced CMRAs have in place to secure incoming mail.

Also, here are a couple of tidbits to keep in mind:

If a CMRA were to go out of business, they must notify customers to fill in a change of address form within 10 days of the notification.

CMRAs can’t refuse mail.

Brief Explanation of 256-Bit Encryption

256 Bit Encryption is one of the best encryption types out there. It uses a 256-bit key to decrypt and encrypt data transferred between servers and clients. Moreover, as of now, 256-bit encryption hasn’t been cracked.

So if a company claims they use this type of encryption, you’re in good hands.

Virtual Mailing Service Encryption Methods

To handle the delivery of your digitized mail, many companies will use software like Amazon Web Services, which employs 256-bit encryption. However, each virtual address service differs. You will also want to pay attention to their Secure Sockets Layer (SSL) certificate.

Here’s a blog post that’ll give you more information on identifying SSL certificates.

Who Will Handle Your Mail and Can You Trust Them?

Not all virtual mail companies do this, but many perform background checks before hiring employees. While they don’t specify what criteria they follow when hiring, you can at least know they won’t hire someone with a criminal record.

Moreover, these companies will also train their employees to adhere to HIPAA standards. These training sessions will teach employees about the various HIPAA rule types, including data disclosure and violation consequences.

What You Should Know About Secure Shredding

Almost all virtual mailing providers offer secure onsite shredding. Many providers will ensure that someone supervises the staff members who shred your mail to prevent theft.

Online Account Two-Factor Authentication

Unfortunately, no platforms use hardware security keys. However, some virtual mailing services allow you to set up SMS or app-generated code two-factor authentication (2FA).

If you have a hardware authentication key like Yubikey, you can use the Yubico Authenticator application to store your 2FA account. Or, you can download a mobile application like Aegis Authenticator.

Do Virtual Mail Companies Share Your Data With Third Parties?

You will need to read through the virtual address service’s Privacy Policy page to see if they share your information and who they share it with.

However, commercial mail receivers must share a list of their former and current customers with their local postmasters every three months.

FAQs

You still may have many questions running through your mind. However, I’ve aggregated questions from around the internet to help you gauge the safety of using virtual mailbox services.

Are Virtual Mailboxes HIPAA Compliant?

Whether virtual mailboxes are HIPAA compliant determines what provider you’re using. Most companies train their teams on HIPAA compliance protocols and opt for web hosting services that are also HIPAA compliant.

Some plans will require you to upgrade to make the company execute a Business Associate Agreement (BAA). In short, a BAA is an agreement between an individual or organization and a healthcare provider to enable a company to receive access to store Protected Health Information (PHI).

More Virtual Mailbox Guides

Even More Guides

vector image of mail going into a cellphone

What Is a Virtual Mailbox?

vector image of a large mailbox

How To Deal With Mail as an Expat

vector image of a person surrounded by 3 bubbles

7 Virtual Mailbox Benefits

How Do Virtual Mailbox Work?

vector image of a mailbox

7 Best Virtual Mailboxes for Expats and Travelers

person standing on top of Taipei 101 tower in Taiwan City, Taiwan

About Theo

Theodore began first experienced the wonders of traveling when visiting Vietnam. Afterward, he went crazy and ventured to at least… More about Theo

Eager Nomad digital nomad and expat blog logo - retina

For Nomads & Expat

Find a bank to use overseas

Deal with mail abroad

Building an Emergency Fund

Trip Planning

Best eSIM providers

Packing List

Destinations

Learn More

About Us

Contact

Sitemap

Follow Us On:

© Eager Nomad. All rights reserved 2024

Privacy Policy | Terms of Use