Email Compromised On The Dark Web
Email Compromised On The Dark Web
Hi friends,
I just received this notice from a credit monitoring service (CreditWise on Capital One):
"CreditWise found your email compromised on the dark web. CreditWise scans the dark web daily for your email address and SSN. If we find your information, we send you this alert so you can take action."
It also says my password was "Exposed".
Should I be concerned? What is the consensus here on password managers (e.g. LastPass)?
Thanks.
I just received this notice from a credit monitoring service (CreditWise on Capital One):
"CreditWise found your email compromised on the dark web. CreditWise scans the dark web daily for your email address and SSN. If we find your information, we send you this alert so you can take action."
It also says my password was "Exposed".
Should I be concerned? What is the consensus here on password managers (e.g. LastPass)?
Thanks.
-
- Posts: 11419
- Joined: Thu Dec 27, 2018 2:06 pm
Re: Email Compromised On The Dark Web
Can’t hurt to change all passwords.
- anon_investor
- Posts: 15122
- Joined: Mon Jun 03, 2019 1:43 pm
Re: Email Compromised On The Dark Web
I would change your password, and make sure 2 factor authentication is turned on.RJC wrote: ↑Sun Sep 22, 2019 4:45 pm Hi friends,
I just received this notice from a credit monitoring service (CreditWise on Capital One):
"CreditWise found your email compromised on the dark web. CreditWise scans the dark web daily for your email address and SSN. If we find your information, we send you this alert so you can take action."
It also says my password was "Exposed".
Should I be concerned? What is the consensus here on password managers (e.g. LastPass)?
Thanks.
Re: Email Compromised On The Dark Web
Just make sure you're not repeating the same password on multiple sites and that you're not using something easily guessed, i.e. kids' names, anniversary date, the word "password" itself, etc.
I use Apple Keychain as a password manager and used to use 1password (which was great). Never tried LastPass, but I do know they've had their own security issues https://en.wikipedia.org/wiki/LastPass#Security_issues
I use Apple Keychain as a password manager and used to use 1password (which was great). Never tried LastPass, but I do know they've had their own security issues https://en.wikipedia.org/wiki/LastPass#Security_issues
Re: Email Compromised On The Dark Web
I would think that anybody and everybody can get e-mail addresses readily, so I would be unconcerned. Now if they got your e-mail password, that's another story.
Re: Email Compromised On The Dark Web
This is a routine event nowadays, and you should be concerned if and only if you are reusing the same password. If you are, change that password on every account where you use it.
CreditWise is likely using the same database as http://haveibeenpwned.com/. If you look up your email address on that site, you may get additional details about the breach.
CreditWise is likely using the same database as http://haveibeenpwned.com/. If you look up your email address on that site, you may get additional details about the breach.
70/30 portfolio | Equity: global market weight | Bonds: 20% long-term munis - 10% LEMB
Re: Email Compromised On The Dark Web
Thanks everyone for your suggestions. I am going to try Apple Keychain and see if that helps.
Re: Email Compromised On The Dark Web
Interesting. It says my email was involved in 8 data breaches but I've only heard of 2 of the sites - LinkedIn and Myfitnesspal.bluquark wrote: ↑Sun Sep 22, 2019 5:26 pm This is a routine event nowadays, and you should be concerned if and only if you are reusing the same password. If you are, change that password on every account where you use it.
CreditWise is likely using the same database as http://haveibeenpwned.com/. If you look up your email address on that site, you may get additional details about the breach.
Re: Email Compromised On The Dark Web
Several months ago, I checked to see whether my email was on the dark web, and it came back as a "yes". I just left it at that and forgot about it. I've had nothing suspicious happen, but this thread inspired me to change my passwords and get 2-factor ID where I can.anon_investor wrote: ↑Sun Sep 22, 2019 4:48 pmI would change your password, and make sure 2 factor authentication is turned on.RJC wrote: ↑Sun Sep 22, 2019 4:45 pm Hi friends,
I just received this notice from a credit monitoring service (CreditWise on Capital One):
"CreditWise found your email compromised on the dark web. CreditWise scans the dark web daily for your email address and SSN. If we find your information, we send you this alert so you can take action."
It also says my password was "Exposed".
Should I be concerned? What is the consensus here on password managers (e.g. LastPass)?
Thanks.
My understanding is that if someone unauthorized tries access your account and has your password, you will get an unexpected request for verification. What if that someone has your email but doesn't have your password, is there any way to find out whether he has tried to access your account?
Re: Email Compromised On The Dark Web
I've dealt with "compromises" in the past. I would change my passwords if I were you. Add 2 factor where you can. And for the important stuff (banks, investments), turn on any/all notifications pertaining to activity.
$1 saved = >$1 earned. ✓
Re: Email Compromised On The Dark Web
I'd recommend a new separate email account, or accounts, for banks and financial institutions like fidelity, vanguard, etc.
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Email Compromised On The Dark Web
It is getting so tough today to figure out what is legitimate. I would consider calling bank directly. Turn on all two factor authorizations and also voice verify when possible.
John C. Bogle: “Simplicity is the master key to financial success."
Re: Email Compromised On The Dark Web
Anyone can get an email address. Mine has been listed on the dark web for years. I doubt it is much more useful than knowing your full name.
Re: Email Compromised On The Dark Web
Exactlybluquark wrote: ↑Sun Sep 22, 2019 5:26 pm This is a routine event nowadays, and you should be concerned if and only if you are reusing the same password. If you are, change that password on every account where you use it.
CreditWise is likely using the same database as http://haveibeenpwned.com/. If you look up your email address on that site, you may get additional details about the breach.
Got the same notification last year
As a precaution I changed my passwords
"One does not accumulate but eliminate. It is not daily increase but daily decrease. The height of cultivation always runs to simplicity" –Bruce Lee
Re: Email Compromised On The Dark Web
These notifications mean very little. It isn't your email address that is compromised. It is your account on some web site for which your email address is the login. Without knowing which account, the notifications are useless to someone who is already using a password manager and isn't reusing passwords.
Checking HIBP, my primary email has been involved in 11 breaches, so I have received dozens of these notifications. These databases are constantly popping up on the dark web. My actual Google account has never been compromised and I have 2FA enabled for it.
Checking HIBP, my primary email has been involved in 11 breaches, so I have received dozens of these notifications. These databases are constantly popping up on the dark web. My actual Google account has never been compromised and I have 2FA enabled for it.
Re: Email Compromised On The Dark Web
Agree with others on changing passwords, DFA, apple keychain. They probably spoofed your email address. Just like how you get fake emails which appear to be from Apple. Do you show the email in your outbox?
All posts are my own opinions and are not financial advice.
Re: Email Compromised On The Dark Web
Yes you should be concerned because that message itself may be a scam. You can't scan the "dark web". Call the number on your credit card to see if there is any validity to that message.
-
- Posts: 2349
- Joined: Sun Mar 04, 2012 5:30 pm
Re: Email Compromised On The Dark Web
Where is this "dark web?" Anyone have a URL so I can check it out myself?
Re: Email Compromised On The Dark Web
https://en.wikipedia.org/wiki/Dark_webtoofache32 wrote: ↑Mon Oct 21, 2019 10:58 pm Where is this "dark web?" Anyone have a URL so I can check it out myself?