Tag Archives: hacker

author's firefox monitor dashboard showing number of data breaches detected

Check Your Email Isn’t Exposed on the Dark Web

Pwned: Exposed on the Dark Web

“Pwned” is a deliberate typo for the word, “Owned”. “To Pwn” has its roots in the computer games world; it means to beat someone comprehensively.

Why Worry?

Email addresses on the dark web are available to hackers and spammers. At the very least you’ll be getting unwanted emails. The worst case: you’re on the way to getting your identity stolen.

A President Pwned

Yesterday I received an email from the president of an organization for which I do voluntary work. It said, “Do you have a moment I have a request I need you to handle discreetly. I am going into a meeting now, no calls so just reply my email.”

I checked the email address and, needless to say, it wasn’t from the president at all.

Since the committee members all received a similar mail, my first thought was that someone had hacked the account. However, it’s easy to check, so I did.
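The check described above, comparing the name a message claims with the address it was actually sent from, as an added example that is not part of the original post. The sample message, the `club.example` addresses and the `KNOWN_SENDERS` list are constructed placeholders, and the Reply-To test goes beyond the case described here.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the message quoted above. Names, addresses
# and domains are placeholders, not values from the original post.
SAMPLE = (
    'From: "Jane Smith, President" <office.desk991@mailbox.example>\n'
    "To: committee@club.example\n"
    "Subject: Quick request\n"
    "\n"
    "Do you have a moment I have a request I need you to handle discreetly. "
    "I am going into a meeting now, no calls so just reply my email.\n"
)

# Assumption: the committee keeps a list of role keywords and genuine addresses.
KNOWN_SENDERS = {"president": "president@club.example"}
# Pressure phrases taken from the quoted message.
PRESSURE = ("discreetly", "no calls", "just reply")


def check_message(raw, known=KNOWN_SENDERS):
    """Return a list of reasons the message looks like impersonation."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    addr, reply_to = addr.lower(), reply_to.lower()
    findings = []
    for role, genuine in known.items():
        # Display name uses the role, but the mailbox is not the real one.
        if role in name.lower() and addr != genuine:
            findings.append(f"name claims {role}, address is {addr}")
        # Forged From with the real address, replies steered elsewhere.
        if addr == genuine and reply_to and reply_to != genuine:
            findings.append(f"replies diverted to {reply_to}")
    body = str(msg.get_payload()).lower()
    hits = [p for p in PRESSURE if p in body]
    # Pressure wording only counts as supporting evidence for another finding.
    if findings and hits:
        findings.append("pressure wording: " + ", ".join(hits))
    return findings


if __name__ == "__main__":
    for reason in check_message(SAMPLE):
        print("FLAG:", reason)
```

A message from the genuine address with no Reply-To returns an empty list, so ordinary mail from the real president is not flagged.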

Pwned in Data Breaches

A “data breach” is where information has been exposed to public view, either intentionally or not. Turns out that the president’s email address was exposed in two data breaches, now available on the dark web.

president@ First Breach

The first was back in 2017, when the address was used by the previous president. This may have exposed the email address and password. I say, “may”, because it may be just the email address that’s exposed, without the password.

president@ Second Breach

The second is more serious and more recent: February 2019. Whilst it doesn’t include email addresses, it does have dates of birth, employers, genders, geographic locations, IP addresses, job titles, names, phone numbers, physical addresses. An email validation service, verifications.io, was hacked. To check an email address is valid, services like this comb all public records to build a comprehensive profile of the person behind the address.

Personal Data Available on the Internet

You’d be surprised how much of your personal data is available on the internet. Records may be public, such as Companies House, the electoral roll, telephone directories, even on your own website. Or easily accessed, like Facebook and LinkedIn. Or may be given securely, in good faith, and then sold under the cover of small print, a practice used by some DNA profiling websites, for example.

Check Your Own Data Breaches

Check your email address at Have I Been Pwned. Enter your address here, and it’ll scout the dark web and list data breaches that contain it. Check all your addresses if you have more than one.

Check regularly using their monitoring service, which sends alerts to your inbox if it spots any of your addresses on the dark web.

Alerts on the Have I Been Pwned menu

Protect Your Identity

  1. change your password on any breached websites, or delete your accounts
  2. make sure your anti-virus software and firewall are always up to date
  3. use strong passwords (HM Government has tips for staying safe online)
  4. use a Password Manager to generate, save and protect strong passwords (free password managers here)

Another Email with Links

This Spam Email is from FedEx – NOT!

Here is another example. Read about the first here.

There’s usually a flurry of mails like this around Christmas. People can be taken in more easily if they’re expecting a delivery, as many do at this time of year.

Example of spam from FedEx

How to Spot It As Spam

There are two give-aways in this mail, on top of the time of year, which should make us all more vigilant:

  1. The word, “postrider”, which looks like a word made up by someone who couldn’t translate it from another language;
  2. The format of the “Get Postal Receipt” button, which looks very unprofessional.

What to Do Next

Our advice is always the same:

  • Don’t click any links, nor open any attachments;
  • Delete it or mark it as spam;
  • If you feel public-spirited, and it claims to be from an organisation, search for what they want you to do about spam.

FedEx has a whole micro-site about spam, which makes useful reading. It contains examples of common spam emails.

Finally, here’s a page with how to report spam to lots of major organisations. Thank you Marjolein Katsma.

Website Malware Attack

What Happens in a Malware Attack

On Monday, I was looking for a local business which I know, so I searched for what they do. Does anybody use Yell or BT.com any more? They didn’t appear in my search results. So, thinking this might turn out to be an SEO sales opportunity ;-) I searched for it by business name, specifically.

Bing's malware warning panel.

Bing’s Malware Warning

Bing listed them this time, but when I clicked the link to open their website, this note appeared next to the search results. Bing would not take me straight to their website.

Google, similarly, listed them but with this immediate and scary warning, “This site may harm your computer.” One click fewer than Bing, you notice.

If you go straight to an infected website, your browser will warn you very clearly not to open it, too. If you decide to visit, be prepared to get rid of some spam!

This is all very upsetting for web user and site owner alike.

Why Malware Attacks Happen

Hackers, the source of malware, seek out weak targets. Everyone is vulnerable.

Think of your website like your house: how do you reduce the risk of burglary? You make your house less attractive to burglars than those around it. You buy a house in an area with a low crime rate. You fit decent locks and security lights. You fence the garden, install robust, lockable gates, and plant thorny bushes in vulnerable places. And then you take out insurance so that, should the worst happen, you can replace what you’ve lost.

All these points have website equivalents:

  • Choose a secure web host, one with a good reputation, big enough to afford the serious cost of real security, small enough not to be a target;
  • Understand, implement and check your client and server firewalls and anti-virus systems; keep them up to date;
  • Cover web server gateways with strong passwords and change them regularly;
  • Make sure somebody with sufficient authority “owns” your domain name and those ISP passwords;
  • Validate carefully all data entry fields, blog comments, and anywhere someone else can enter data into your website, as this is where many hacks come from;
  • Keep your operating system, web server and database software up-to-date with the latest versions to cope with new threats;
  • Take regular back-ups – and test them – so you can get back up and running fast if disaster strikes.

And keep constantly vigilant: add regular website audits into your Business Continuity Plan.

Further Reading on Malware

Here’s some more information about malware attacks.