Have you received a threatening email with a password in the subject line? Your password has been leaked, but this is usually an automated scam with no immediate threat. Here’s how to keep yourself safe.
Typically, this automated email scam requires a large ransom in dollars or bitcoin. If you do not answer, he may require that your photos and videos of explicit content be posted on the Internet.
First of all, do not worry if you receive this email. No one has explicit media about you. Plus, you shouldn’t feel pressured to send money. Instead, let’s first take a look at how the email was sent and how your password is in the email header. And then I’ll explain how to protect yourself online.
What is I Know Your Password email threat scam?
What is a fraudulent “know your password” email threat?
You used an online service that had a security breach in the past. As a result, your email address and password were sold online to criminals in an attempt to extort money from you. Sometimes this information may be out of date.
For example, one of your old passwords might appear in the subject line, but it isn’t actually associated with your email address at all. If it matches the password of the email account you are using, you should immediately change your email password.
Do it now. Bookmark this page, then come back to it when it changes, and I’ll tell you what steps you need to take to determine if your other accounts have been compromised.
– /
Now that I’ve explained the scam, here’s what we’re going to do to protect your online accounts.
- Take action to determine which accounts have been compromised.
- Change the passwords for compromised accounts.
- Consider using a password manager to ensure your accounts are not compromised in the future.
I’ve created separate sections for each step below. Follow each step carefully to protect your online accounts.
How to identify accounts that have been compromised by hackers
We can use a powerful free online tool called haveibeenpwned to determine which of our online accounts have been hacked.
This service tracks which online services and websites have been hacked in the past. All you have to do is enter all the email addresses you use on the Internet.
After that Haveibeenpwned will return results based on whether any services connected to these email addresses have been compromised. You must remember all the emails you have used on the Internet to make sure your passwords have not been hacked.
To use the service, simply enter your email address in the input field on the website and click “pwned?
If you get an Oh no – Pwned! Result, it means your email was found with a subscription to a website or service with data breach. You can scroll down to see where you were violated.
Make a list of compromised services. Repeat this process with all the emails you use on the Internet. It can be a long process, but it’s worth taking the time to protect yourself online.
How to change passwords for hacked online accounts
How to change passwords for compromised online accounts
Once you have a list of services, you should go to each of those services and change your password there. If you have ever used this password elsewhere, you should change it there as well.
For example, if you had an account at last.fm and used the password secretpassword123, any accounts using that password could also be at risk. You should change this password wherever you can use it on the Internet.
If any of your email accounts use any hacked passwords, you should also change your email passwords and make sure you have the appropriate security features configured, such as two-factor authentication. Most email services such as Gmail and Outlook, for example, also allow you to see recent logins and logouts on all devices.
How to use a password manager to keep you safe online
One of the main problems with online accounts is that most people use the same password across multiple services. This could mean that a motivated criminal can find and access all of your online accounts.
As a rule, it will be easier for attackers to bulk purchase corrupted data and bulk spam messages like the one that led you to this article. But nothing prevents attackers from digging into the stolen data they have and trying to use it to log into your social networks, your bank accounts or other platforms that may contain sensitive data.
The best you can do is make sure that all of your passwords on the network are different. There are two safe ways to do this. The first is to write down all your passwords on paper in a safe place. Alternatively, you can use a password manager
Password managers can generate incredibly complex passwords for your account and encrypt that data. Usually you have one master password that allows you to enter the password manager and then all your online passwords can be copied from there.
You can learn more about how password managers work and which ones are the best here.
Summary
Summary
I hope this article helped ease the tension. Whenever you receive unwanted emails asking for money, the threat is usually minimal.
As with the scam I talked about here, there is often a less disturbing explanation. However, educating yourself and taking steps to protect your online accounts is still critical.
–