How to Check if Your Email Has Been Hacked
How it works
A website you use gets hacked...
... and hackers post your login details online...
...we spot the hack and warn you
You may also be wondering…
Every year, billions of login details from hundreds of websites are taken in hacker attacks. These stolen email addresses, passwords, and other account details are then exposed on the dark web or sold on the black market, where criminals pay to gain access to your sensitive data. Companies or organizations you do business with can also leak or publish their users' sensitive information by accident.
If criminals get a hold of one of your accounts, they can potentially impersonate you, message your contacts, access your cloud storage, steal your money, and even jump to your other accounts. That's why we take password safety so seriously.
Sadly, the most common sign you've been hacked is often nothing. While companies will often announce when they've been hacked or suffered a leak, they usually don't do it right away — sometimes months can pass before they come public with that knowledge, and in that time, hackers could be doing anything with the stolen data. They also won't typically tell their customers whose data was specifically lost in each leak: they just expect that everyone who uses their service should change their passwords.
That said, there are two ways to tell for sure if you've been hacked: one is to suddenly find yourself the victim of identity theft, which is less than ideal. The second, more preferred method, is to use a service like Avast Hack Check, which collects data from all around the internet to identify if your details have been posted online or were subject to any leaks.
Avast Hack Check notifies you automatically if your password is compromised, so you can secure your accounts before anyone can use your stolen passwords. As the world's largest consumer security company, we can securely check if any of your login details appear in our database of password breaches, then find out if your account are at risk, and therefore help keep your accounts safe — and you can trust us not to share your email address with anyone, or leak passwords ourselves, obviously.
What else can you do? Try our free strong password generator, to create less hackable passwords or do it yourself with our DIY strong password guide. Brush up on your phishing scam-spotting skills so you don't get tricked by fakes.
Oftentimes, nothing.
See, when details like this are leaked, the data that's lost is almost always encrypted: which means that hackers have to un-encrypt the data in order for it to be useful. This is why it's often faster and more profitable to simply sell the encrypted data for a quick paycheck, rather than steal anything themselves. Even if they do decide to decrypt the data, any strong passwords could take years — or even decades — to be decrypted. So if you've got a strong password, you could actually get "hacked" and be fine for a long time.
That said: if you have a weak password, things get bad. A simple password — or worse, a common password like "123456", can be decrypted in seconds. With this and your email, they can access any account that uses that email/password combination, pilfering your data, stealing your identity, and ransacking your digital life. Just another reason to make sure every account has a unique password.
A villainous hacker can do a lot with a simple email address.
- They can try to "brute force" their way into any number of online accounts by using a list of commonly used passwords, giving them access to your digital life if yours isn't strong and unique.
- They can add your email to a spam mailing list to earn a quick buck.
- They can set up a fake social media account for you and trick your friends or family into downloading malware, or giving them cash or information.
- They can send you phishing emails to trick you into downloading malware that could steal your data, or hold it ransom for money.
- Or they could sell it to other hackers on the dark web who'll do all those things instead.
If Avast HackCheck comes back with a positive result, here are the next steps for what to do:
- Don't panic. You have everything you need to come to grips with the situation.
- Go to the email account you just checked and open the email report we'll send you. It'll contain dates and passwords that have been leaked.
- Check the passwords that have been leaked. If you're still using the same password for the same account, change it immediately. Do this for every leaked password and account. If hackers have changed your password for you in an attempt to lock you out, contact the site for help.
- Double-check that any of the hacked accounts don't have anything important linked or saved to them, like a credit card number. If they do, contact the appropriate authorities.
- If you feel inclined, you can also immediately report any cybercrime you've encountered to the authorities.
How to Check if Your Email Has Been Hacked
Source: https://www.avast.com/hackcheck