People often manufacture a false sense of security by believing they have complete control and understanding of the many facets of their own security posture. I’m talking about statements like, “My password is strong because nobody knows my cat’s name,” or “I’m comfortable storing unencrypted medical records in the cloud because my data isn’t that interesting.” It’s easy to convince yourself that you’re secure because the precautions you’ve taken have worked so far, and hey - if nobody hacked you so far it must be because the guardrails you put in place are that good. This way of thinking can lead to mistakes and applying security measures that are not security measures at all.
One such idea, that I would also classify as a fallacy, is that using email aliases in lieu of your primary email address somehow magically protects your accounts. Before you start slamming the desk with your fist yelling at me that “IT PROTECTS YOUR PRIVACY!”, I want to draw a very important distinction - I am not talking about protecting your personal privacy but rather the belief that having a secret email alias somehow protects your accounts from malicious access.