Dark Web Warning

Click to view larger

Dark Web Warning: a reader asks…

I got an alert today saying my email was compromised on the Dark Internet. Not sure what to do. The notifier – Experian – has this when I logged into my account – I got one back in 2013 from Adobe.com.  I don’t know this site. What do you think?

So I have to be careful here, you sent me a screenshot so I can’t verify the legitimacy of the warning. Usually folks forward the email warning intact so I can view hyperlinks directly, and examine the email headers to determine the actual source. With a screenshot, I can only see what is shown in the picture.

Advertisement

But this looks legit. Assuming you are showing me a screenshot of a website, the URL at the top identifies the site as idnotify.com – which has a legitimate connection to Experian & intuit.com. The warning shows an email and a username, but not a password, so likely that bit wasn’t compromised. The warning is for a specific website: “ShareThis.com – Content Management Plugins” where at least part of your login credentials were found (ostensibly for sale) on the dark web.

hacker-with-code-superimposed-image-from-shutterstock

Also note the date of the suspected compromise at the bottom, nearly a year ago. My guess is that at some point you used the ShareThis.com website, probably to download WordPress plugins or some other software for social network or other web page or site sharing. That website was probably hacked and their user database stolen and now being sold. Again, I’m only going by what I can see on the screenshot, you should verify for yourself that the warning is legitimate.

Your risk is low, but out of an abundance of caution, I’d log into the ShareThis.com website using your existing username and password, and then change the password.

lastpass-logo

As always, I recommend long passwords (over 13 characters), and unique passwords (don’t use that password anywhere else online or offline). Those two aspects of good password hygiene pretty much require you to use a password manager (like LastPass).

Leave a Comment

Your email address will not be published. All comments must be approved by the webmaster before they will be publicly viewable. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.