Have I been pwned?

Page 1 of 2 12 LastLast

  1. Posts : 126
    Win 10 OS Build 18363.720
       #1

    Have I been pwned?


    Goto: Attention Required! | Cloudflare

    When I enter my email, the received message states:

    "Oh no pwned! Pwned on 1 breached site and found no pastes (subscribe to search sensitive breaches)"

    Is this something to be concerned about?
      My Computer

  2. TairikuOkami's Avatar
    Posts : 4,163
    Home 2004 x64 10.0.19041.331
       #2

    nithig said:
    Is this something to be concerned about?
    Not particularly, unless you are privacy concerned.

    When you scroll down, it should show, what breaches the warning applies to.
    Basically someone knows your email address, so he can send you spam or phishing.
    Some breaches might have revealed your password for that webpage, you might want to change it.
    Attached Thumbnails Attached Thumbnails Have I been pwned?-capture_06022020_100704.jpg  
      My Computer


  3. Posts : 126
    Win 10 OS Build 18363.720
    Thread Starter
       #3

    Thank you Tairiku Okami,
    not able to scroll down so don't have any idea what the breach relates to.
      My Computer

  4. Jacee's Avatar
    Posts : 906
    Win 10 home 1909 18363.900
       #4

    Using a different computer, that is known to be clean, change your passwords. That message looks like spam.
      My Computer


  5. Posts : 126
    Win 10 OS Build 18363.720
    Thread Starter
       #5

    Thank you Jacee
      My Computer

  6. jamis's Avatar
    Posts : 422
    Windows10 Home 64 bit v. 1903 bld. 18362.900
       #6

    When we receive suspicious looking e-mails, I go to the e-mail server that my ISP uses and view the source code of the e-mail with theIr web based e-mail program. This lets me look at where it came from and if there are other questionable things in the e-mail without opening it. This will also show the code of the attachments. Lately, we’ve been getting e-mails purporting to be from Amazon Prime. They are always seeking personal information and I’ve been able to trace them back to Reunion Island off the coast of Africa. These e-mails get forwarded to Amazon’s stop spam e-mail address, the sending domain is blocked, and deleted from the mail server. Takes time. Is a PIA, but our system stays somewhat protected.
      My Computer



  7. Posts : 126
    Win 10 OS Build 18363.720
    Thread Starter
       #7

    Hi Jamis,
    yes I also check the source of emails. This was not an email but an article which led me to check the site mentioned in the
    first post (pwned).
    Thanks for your comment.
      My Computer


  8. Posts : 147
    Windows 10
       #8

    The information attackers get is usually so vast they could not possibly go through it all line by line and match the information to a particular person and nor would they want to. When these attacks occur the act of obtaining the data ie usernames, passwords, email addresses etc is to make money primarily. They can sell tens of thousands, maybe even hundreds of thousands of user information to the highest bidder or simply put it on an underground market for a set price depending on the demand for that information.

    You as an individual were not pwned, the website was and in turn your information was leaked through bad practices at whichever website failed to protect your information. Most of these breaches occur when websites are not fully secured and so naturally hackers being hackers, especially black hat hackers, looking for holes is their bread and butter. They find one (or two, or several) and the rest is history. Your information is out there in the open, no doubt replicated lots of times but it's not an individual attack on you. The hackers didn't go after YOU specifically. They went after a website and the spoils for breaking into it was lots and lots of data. And you happened to be among that data with your email address, passwords etc.

    So don't be alarmed. Usually when these attacks happen the websites hit are huge. Therefore when attackers get data dumps, they are usually so big that the mathematical probability they chose YOUR username, email, password out of potentially MILLIONS of others is, well, 1 out of how many million user details there are. All that being said I wouldn't sit back and hope it never happens. Someone who buys that data, or obtains it somehow, could begin to cut the whole data dump into sizeable portions that can be of use to their malicious plans. They could whisk down data to, say, more unique chunks which could then make it more likely your stolen information is used.

    You should change your password(s) AS SOON AS POSSIBLE. Choose a long password with at least 20 characters containing numbers, upper and lower case alphabetical characters, symbols etc. Passphrases are also just as good, something like golden&-0gates-8merry. As for your email address, change the password on that ASAP as well but you shouldn't worry too much about your email address being compromised as it's a far bigger risk attackers attacking email providers as they tend to have all the resources to make it very difficult for that to happen. Google for example, are among the most profilic cyber security researchers and thus their products are among the most secure. Good luck trying to break into Google. Same can be said for others too.

    However, and slightly off-topic here, social engineering is how attackers usually get into your email address. You practically give them your password through phishing attacks, spearphishing attacks (targeted phishing attack) or through a dodgy attachment you download and run. Either way, focus on the passwords primarily but if you do feel concerned you can always change your email address and setup the former as a forwarding account to your new one until you've managed to get everything setup with your new address.
      My Computer

  9. Callender's Avatar
    Posts : 2,899
    Windows 10 Home 1903 64-bit
       #9

    Jacee said:
    Using a different computer, that is known to be clean, change your passwords. That message looks like spam.
    If nithig has signed up for Firefox Monitor:

    Firefox Monitor - Frequently asked questions | Firefox Help


    Or possibly uses Firefox Lockwise:

    Chrome and Firefox will now alert you about data breaches involving your accounts

    It uses h**ps://haveibeenpwned.com/ as it's breach database and notifies accordingly.
      My Computer

  10. Jacee's Avatar
    Posts : 906
    Win 10 home 1909 18363.900
       #10

    Another thought came to mind.... Look to see if you have any Browser add-ons that you didn't specifically add. Remove any or all.
      My Computer


 

Related Threads
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:57.
Find Us




Windows 10 Forums