Have Yall Been Pwned?

2018.08.07

Hey! So last Thursday I noticed Brian Krebs (@briankrebs) tweeted his really interesting article about a phishing trend. (btw hes an insanely informative infosec guru, and you should go follow him!)

Anyways, in his article he describes the current sextortion phishing trend and elaborates on how these phishes are successfully at eliciting fear, mainly because they are using real passwords that have been found in data dumps. The complete article can be found here and you should seriously as it goes way further in depth than this. And while maybe you havent received this specific phish, its still worth taking a lesson from.

Data dumps are basically a giant list of info (valuable or not) and are usually a result from a data breach. And while you can really prevent these from happening as a whole, you can take precautions moving forward.

So I wanted to leave you with something a bit more actionable from all this, and hopefully you find this resource valuable too.

HaveIBeenPwned.com is an amazing public resource, and was created by Troy Hunt! (@troyhunt) [Another amazing individual] Its a site where you can quickly check if your email has been compromised and found in a data breach. It tells you what and when the data breach happened and hopefully youll take some action is you see red. But I hope you dont and just see green.

Thats it though! Thats all I wanted to share. Post is done. Now go check if any of your emails have been found in a data breach and if they have ...GO CHANGE YOUR PASSWORD!
Byyeeeeee!!!
https://krebsonsecurity.com/2018/08/the-year-targeted-phishing-went-mainstream/
https://haveibeenpwned.com/



< >