Dark Web Warning

Click to view larger

Dark Web Warning: a reader asks…

I got an alert today saying my email was compromised on the Dark Internet. Not sure what to do. The notifier – Experian – has this when I logged into my account – I got one back in 2013 from Adobe.com.  I don’t know this site. What do you think?

So I have to be careful here, you sent me a screenshot so I can’t verify the legitimacy of the warning. Usually folks forward the email warning intact so I can view hyperlinks directly, and examine the email headers to determine the actual source. With a screenshot, I can only see what is shown in the picture.

Advertisement

But this looks legit. Assuming you are showing me a screenshot of a website, the URL at the top identifies the site as idnotify.com – which has a legitimate connection to Experian & intuit.com. The warning shows an email and a username, but not a password, so likely that bit wasn’t compromised. The warning is for a specific website: “ShareThis.com – Content Management Plugins” where at least part of your login credentials were found (ostensibly for sale) on the dark web.

hacker-with-code-superimposed-image-from-shutterstock

Also note the date of the suspected compromise at the bottom, nearly a year ago. My guess is that at some point you used the ShareThis.com website, probably to download WordPress plugins or some other software for social network or other web page or site sharing. That website was probably hacked and their user database stolen and now being sold. Again, I’m only going by what I can see on the screenshot, you should verify for yourself that the warning is legitimate.

Your risk is low, but out of an abundance of caution, I’d log into the ShareThis.com website using your existing username and password, and then change the password.

lastpass-logo

As always, I recommend long passwords (over 13 characters), and unique passwords (don’t use that password anywhere else online or offline). Those two aspects of good password hygiene pretty much require you to use a password manager (like LastPass).

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek
(@PosiTek)

Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net
(Support@PosiTek.net)

Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)
(using any credit card)

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

2 Comments

  1. What if I’ve never even heard of ShareThis.com but I received a “Severe Alert” concerning my e-mail account?

    • ShareThis.com is generally something that someone who runs a website might use to add sharing buttons (facebook, twitter, etc.) to their site. If that’s not you, then I’d suspect the so-called ‘severe alert’ to be a scam. You shouldn’t follow any links in that email.

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.