A small post on how to check whether your logins and passwords are leaked, and why it is important to periodically carry out such an inspection.
This opus will be devoted to the description of one of the accounts for leakage and hacking accounts. But first let’s figure it out why it is important for us to control the very fact of such a leak.
By explicitly — unauthorized access to your account, the data of which was hacked or merged into the public network, there are some more important points.
All these moments are associated with the peculiarity of human psychology than the attackers and fraudsters enjoy. Suppose it happened e-mail, it’s unpleasant, but how can this still use fraudsters?
One of the most famous services for checking accounts for leakage is
The interface and method of using the service are very simple: just follow the link and specify your email address.
Next, the service will check whether your email is found in the database of hacked accounts, and will report on leakage, from which resource your data got into the attacker databases, and when it happened.
You urgently need to change the password on the site, access to which was compromised.
If access to e-mail is compromised — check if letters about trying to restore access to any sites, the restoration of access to which you have not been requested.
Change the password on all resources where you used the same password and email address during registration.
Use two-factor authorization where such an opportunity is provided.
For the purity of the experiment, I decided to check how the service was reacts to the newly created account well with a very difficult password. I wanted to find out for myself whether there may be false responses in order to intimidate the user and attempts under the guise of possible threats to encourage it to registration for notifications about new leaks or the acquisition of additional means of protection. But the service honestly reported to me that email in leaks is not affected.
In general, such services handle information from other sources that are used to exchange stolen information. As such sources, Pastebin, specialized forums, resources in Darknet and others are popular among playground hackers.