What is a secure e-mail address to use for online games?

are there are any e-mail services that are 'bad' to use in this case? (i.e. hotmail, gmail, etc.)

This isn't a practical concern. If those companies are breached in such a way that they gain access to your online gaming account, you've probably got bigger problems. As long as it's a reputable email provider, you don't have much to worry about.

should I avoid signing up to different services with the same e-mail address if I want to keep my accounts safe?

It certainly helps. If you use a unique email account for your online gaming account then not only will that make the username more secure, but it'll also make it much more obvious if someone tries a particularly good scam on you, since no matter how accurate it may be, it won't be sent to the address that official correspondence will be going to.

How to avoid being hacked as best as possible:

  1. Use a unique email for the account
  2. Use a strong password. Additional authentication will provide further security if supported. Note that at the very least you should never use the same password for your email and gaming account.
  3. Install good antivirus software and keep it up to date, keep your OS patched, keep your browser patched, etc. etc.
  4. Be extremely careful what you download. Addons, mods, hacking tools and suchlike can potentially contain malicious code designed to steal your account details. If you're downloading executable files, be even more careful.
  5. Be extremely careful what links you click on. Never give out your password. Never share your password with friends. Only log on from a computer you know is secure.
  6. Be vigilant and pay attention to the details. I've seen plenty of scams that appeared to be legitimate, and it's only the fine details that betrayed them. If something seems odd or too good, check the email headers and/or go directly to the official site instead of clicking on any links.
  7. If the service allows you to provide a public profile, keep as much of it blank as possible. Any information you put in there can make it easier for someone to search and find more details about you (or give them enough outright) for social engineering attempts.

It's impossible to eliminate the risk entirely, no matter how knowledgeable you are. But the fairly basic steps above will massively reduce the chances of it happening.

/r/AskNetsec Thread