Is Your Email Address, And Password, On The Dark Web?

in digitalsecurity •  last year 

Have you ever checked how much of your personal information has already been sold to the best bidder?

From company hacks to website data breaches, there are several ways your personal information could have been leaked and made available for sale.

Dark-Web-Leaks.JPG

This kind of situation cannot be prevented.

For example, a colleague from the Crypto Safety First team was affected by the Ledger data leak.

He was not careless, the leak had nothing to do with him, but in any case, this data leak affected him by having his email, name, address, and phone number disclosed.

Think about it, any scammer out there who can put his hand on that information has quite a lot of ammunition to mount a spear phishing scam.

Of course, our colleagues will not fall for any scam, but this is not the case for everyone.

How Can You Know If Your Data Has Been Leaked?

If you have a Google account, this is quite straightforward.

Navigate to your Google account and in the 'Security' section you will find a section named 'See if your email address is on the dark web'

Dark-Web-Leaks2.JPG

But, if you don't have a Google account, you can use the have I been pwned? website.

As stated on their website, their goal is the following:

This site serves two primary purposes for me: firstly, it obviously provides a service to the public. Data breaches are rampant and many people don't appreciate the scale or frequency with which they occur. By aggregating the data here I hope that it not only helps victims learn of compromises of their accounts, but also highlights the severity of the risks of online attacks on today's internet.
Secondly, the site provided me with an excellent use case for putting a number of technologies through their paces and keeping my hands-on skills somewhat current. Projects like this are an excellent way of staying relevant as my day job increasingly focuses more on software management and less on actually building things (which I happen to love doing!) ...

What Can You Do If Your Data Is Part Of a Data Breach?

If your email has been part of a Data Breach:

  • Straight away, change the password to a new strong, and unique password
  • If not done already, add 2FA on the top, as a must-to-have additional layer of security

If your phone number has been part of a Data Breach, most probably you will start receiving calls from people trying to scam you. And, additionally, you may suffer a SIM SWAP attack:

A SIM swap usually targets wealthy individuals, like the Blockchain Capital Cofounder. If nobody knows about the extent of your crypto portfolio or such... You should be safe enough. Still, you can always reach out to your SIM provider, make them aware of the data breach, and ask them to triple-check any SIM account transfer request.
Alternatively, you can change your phone number. Far from ideal but...
If your name and address have been part of a Data Breach:

  • Ironic Mode On... It is time to get a new identity and move to a tropical island... Ironic Mode Off
  • If your phone number had not leaked, most probably nothing would have. Unless you have a considerable amount of assets and you have made it public through social media channels.
  • If your phone number has been leaked, this information will be used in Spear Phishing Attacks.

Congratulations on completing another 5-minute Crypto and Digital Safety Power-Up.

Keep up the good work in enhancing your safety and security knowledge.

5-Minutes-Power-Ups.png

Article originally published at: https://www.publish0x.com/@Crypto-Safety-First

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE BLURT!