Lately I’ve been receiving emails with the subject “Your Secret Life” and also “Your Email xxxxx@xxx.com Was Hacked” and both these emails were sent to me using my own email address, at the same time both the emails contained or captured my legit password. So was I really hacked? If you have also got this kind of email, should you worry? Lets discuss further.
From the email above, the email of the sender is my email address and the password mentioned in the email was a password I have used. I know whenever someone sees their password revealed, it would make them think that they have been hacked. Another sample email would be as per below:
Almost same contents, sent from my email address and revealing a password I have used. The message was change to be more convincing, but I didn’t buy it. Even the bitcoin account is different. Now lets dive deep into what is going on, was I really hacked? How was my information captured by the sender?
Was I Hacked?
Lets do some simple checking based on the email to see if I was really hacked and also identify what is right and wrong with it. One thing which was true about the email was my email address and the password that was mentioned. Apart from that:
- The password which was revealed was a very old password I used with this email address before and no longer used for many years.
- The email address is not an account but instead it is just a forwarding email address which I used to forward to my personal email account, hence the email address mentioned by the “hacker” does not even have any login details, or password.
- I do not use a laptop and most of the time I am on my desktop which doesn’t even have a webcam installed.
- I do not surf PORN websites!
This four reasons are enough to proof that I wasn’t hacked.
So What Happened?
Simple. To make it easy. Data breach information. There are many data leaks out there in the internet and even Dark Web where our login information got out from any of some services we might have used. Some services or websites do not even encrypt our passwords and are just stored as plain text. Based on this information (my password) it seems like the data was leaked very long time ago, but some people who calls themselves hackers are using BOTs to harvest all the email addresses along with the passwords and send out automated emails with simple social engineering in hopes they can earn some quick money!
How Do I Check If My Data (Username / Password) Was Leaked?
There are many tools that we can use to check for this information, but if you are worried for your safety and do not wish to use any tools, then simply check on this two websites.
1.Check if your email address information has been leaked and which services leaked it using – www.haveibeenpwned.com
From the screenshot, we can see that my email address which the hackers targeted was breached in 4 websites or services (the services / websites where your information has been breached are also mentioned on the page).
2. Check if you email address and passwords are available on the internet as plain text using – www.ghostproject.fr
From the screenshot, we can see that the email address the hacker targeted is available along with the password they have revealed in the email. This is how the hackers got your information. No hacking, just plain bullshit.
3. So what tool do i use to check for this information? Check out this cool python script which does more than just revealing the information. It is a really cool piece of script: https://github.com/D4Vinci/Cr3dOv3r
So What Do I Do Now?
Since the emails have already reached you, don’t panic as it’s just a fake email sent by a bot and nobody has any of your information. Apart from that, if you have checked as per above (method 1 and 2) and notice the password available on the breached websites are passwords you are still using, then:
- Change it immediately. If possible do not use that same password on any websites or services.
- Do not use the same password on two or more services.
- Use a reliable password manager, generate random password with it and if possible use a 2FA with it.
Conclusion, Do not worry, you are NOT HACKED so you can safely ignore the email you have received but always be aware of the password you use and on which services you use it. The email sent is just a proof of how social engineering can work and also how people take advantage of someone else’s weakness and mistake.