Tag Archives: hacked passwords

Hacked Emails Cost More Than You May Think

You may get alerts from businesses that your email and password information may have been hacked. There are also sites like haveibeenpwned.com that will monitor your email address and alert you if your email has been compromised.

hacked emails can lead to other security breaches

A hacked email may not seem like a big concern, but it can have a large impact on your privacy and security. Even if you don’t think you have a lot of sensitive information on your computer or associated with your email, you may be surprised to learn the truth.

The value of your hacked email information is quite high to a cyber thief, as they could have access to your personal data and resources that could be found in your inbox.

Most Online Services Require Email Addresses

Off the top of my head, I can’t think of any online service that hasn’t required an email to access it. The person in control of the email can reset the passwords for any accounts and services associated with the email. The user usually only has to request a password request and an email will be sent allowing the user to change the password. If someone else has access to your email, they can have access to all your other associated accounts and services.

Your stolen email information isn’t used to just spam others, they may be scanned for other people’s email addresses, to find software license keys, access to services like Dropbox or Google Drive, and other malicious opportunities. If you use the email as a backup for another email account, the hacker can now take control of both accounts. Your inbox could be held ransom, the criminals demanding payment for its release. There is a lot of information stored in the average person’s inbox.

Ways a Hacked Email Can Be Exploited

The information below can give you an idea of why your hacked email is so valuable. These are some ways that the information can be used:

Spam

  • Phishing and Malware
  • Common Marketing Spam
  • Stranded Abroad Scam
  • Facebook or Twitter Spam
  • Email Signature Spam

Employment

  • Account Information for UPS, USPS, Supplies, etc.
  • Forwarded Work Documents
  • Paychex, Quickbook, and other Financial Accounts
  • Forwarded Work Email

Privacy

  • Personal Messages, Calendars, etc.
  • Location
  • Online Chats (Google, Skype, Yahoo)
  • Photos
  • Call Records and Phone Numbers

Financial

  • Bank Accounts
  • Ransom
  • Billing Changes
  • Google Wallet, Paypal, and Other Pay Apps

Retail Accounts

  • Online Stores (Amazon, Uline)
  • Social Media (Facebook, Twitter)
  • Music (iTunes, Spotify)
  • Media (Netflix, Hulu)
  • Gaming (PlayStation, Steam)

Miscellaneous

  • Email and Chat Accounts
  • Software Licensing Keys
  • File Hosting Accounts
  • File-Sharing Accounts
  • Cloud-Based Services

As you can see, there are a wide variety of ways that a hacked email can be used for nefarious means.

The hacked accounts can bring a nice return for the people selling the information. According to an article on krebsonsecurity.com, an email can bring anywhere from $3.oo to $8.oo each. Multiply that by the thousands or millions of email accounts that a hacker may obtain and you can quickly see how this can be a tempting crime.

Protect Your Email and Yourself

Many online services offer you a couple of options to protect your credentials. Many bigger businesses offer multi-factor authentication that requires users to use a code texted to them or an app that provides a key to access an account. As always, you should use a strong password and mix them up between accounts. We know it is a hassle, but it is easier than trying to get your identity back once it is stolen and your reputation ruined.

Take the time to protect your email just like you would your wallet or your home.

Google Offers Assistance With Hacked Passwords

It seems like our “secure” information is constantly being hacked, and if you’re like most people, you probably use the same login information for a variety of sites. It may be hard to remember what sites have been hacked and which credentials have been compromised.

If you are one of the over 300 million users of the Chrome browser, Google has given you a tool to manage your hacked passwords.

Free Password Checkup Extension

You can download the Chrome extension HERE. Once you have the extension installed on your browser, it will run in the background, checking the logins that you use. If the credentials you use match any of the 4 billion compromised logins in the Google database, a red warning box will appear.

 

Google Chrome extension to scan for hacked passwords

The warning states “Password Checkup detected that your password for [website] is no longer safe due to a data breach. You should change your password now.” If a new breach occurs, the extension will notify you if any our your passwords were compromised when you log into Chrome. If this is the case, you will get a list of the compromised sites and you can click on them to update your login information.

The extension is encrypted, so no one, including Google, can see the data that you enter.

From the Google website:

“Password Checkup was built with privacy in mind. It never reports any identifying information about your accounts, passwords, or device. We do report anonymous information about the number of lookups that surface an unsafe credential, whether an alert leads to a password change and the domain involved for improving site coverage.”

Contact Team WTI today for any questions and help with your website.