在发生大事之前,我们通常会掉以轻心。我们知道我们的密码需要很强大,因此我们将它们设置为强大的,并认为我们在日常生活中使用的不同网站是安全的。但是随后,黑客或网络犯罪分子想出一些方法来利用这些网站系统中的 漏洞,破解您的登录信息并滥用它或公开发布以供他人查看。本文查看了一些网站,这些网站可以帮助您了解您的信息是否被黑客入侵、盗用或泄露。
我是被黑了还是被盗了
你在这里时不时地报告说,一些电子邮件服务提供商、一些社交账户或其他一些在线账户被黑客入侵并泄露了密码。这里有一些值得信赖的链接,您可以在其中检查您的帐户是否被黑客入侵或泄露。
数据泄露检查器网站
1] HaveIBeenPwned.com
HaveIBeenPwned.com是当您听到有关某些网站被入侵的任何消息时检查您的登录信息是否被盗的第一个地方。它可以让您检查多个帐户违规行为,包括Gawker、Forbes、Mail.ru、Yandex、BitCoin等。该网站由Troy Hunt作为一种激情和社会事业运营。他经常使用公开的列表以及网络犯罪分子窃取的用户(Usernames)名和电子邮件 ID(Email IDs)更新网站,这些网络犯罪分子声称已经入侵了一个网站。大多数情况下,数据来自黑客最喜欢的网站 pastebin.com,用于粘贴他们窃取的信息。在其他情况下,亨特(Hunt)从其他地方收集它并更新他的网站,以便您可以检查您的登录凭据是否被盗。对亨特(Hunt)来说,这是一项艰巨的任务,但他的热情使它变得更容易。
您可能会怀疑并问——它是一个电子邮件收集网站吗?但到目前为止,还没有任何人投诉,因此您可以认为该服务确实是真实的。如果您选择收到任何违规通知,该网站确实提供存储电子邮件。但我个人认为,除了自动通知您之外,他们不会将您的电子邮件用于任何目的。
阅读(Read):我如何知道我的电脑是否被黑客入侵(How do I know if my Computer has been Hacked)。
2] PwnedList.com
另一个由一群爱好者经营的网站是Pwnedlist.com。该网站拥有超过 366,967,703 个条目,可以告诉您您的电子邮件在最近或现在是否曾被黑客当过。您在搜索系统中输入的电子邮件ID将被存储。(IDs)这在他们的常见问题(FAQ)页面上有说明。但是,他们说,存储这些信息仅用于两个目的。第一个是抓取网络以查看匹配的电子邮件ID(IDs)是否存在违规行为。第二个是如果您的登录凭据被任何选择在Internet(Internet)上任何地方张贴的黑客发现违反了您的登录凭据,则通知您违反。
该公司表示,他们还从第三方那里获得信息,这些第三方的工作是发现漏洞。结果,他们拥有庞大的数据库,因为他们可以告诉您您是否在任何时间点被盗用。
3] LastPass.com
LastPass也是一个在线密码存储提供商和密码生成器(password generator)。这些密码中的大多数是无法记住的,因此是牢不可破的(或几乎牢不可破的)。 LastPass还会让您知道您的登录凭据是否被黑客入侵。Lastpass的过程很简单,就像上面提到的网站一样。只需(Just)将服务或网站的名称附加到 http://lastpass.com。您可以检查Gmail、LinkedIn、LastFM、Adobe、eHarmony等中的违规行为。
例如,要查找Gmail违规行为,可以使用http://lastpass.com/gmail。到达那里后,您将获得一个文本框以输入您的电子邮件 ID。输入您的电子邮件 ID 后,它会搜索数据库并让您知道它最近是否曾被破坏。https://lastpass.com/adobe,,您可以在https://lastpass.com/linkedinhttps://lastpass.com/lastfm查看其他https://lastpass.com/eharmony在。
阅读(Read):使用密码强度检查工具检查(Password Strength Checker Tools)您的(Check the Strength of your Password)密码强度。
4] 哈索普拉特纳研究所
Hasso-Plattner-Institute运行电子邮件检查器,检查您的电子邮件是否包含在任何泄露的数据中。每天,个人数据都会在犯罪网络攻击中被盗。大部分被盗信息随后在互联网(Internet)数据库上公开,作为其他非法活动的起点。使用HPI Identity Leak Checker,可以检查您的电子邮件地址以及其他个人数据(例如电话号码、出生日期或地址)是否已在Internet上公开,从而可能被滥用于恶意目的。
告诉您是否被黑客入侵的其他网站
Pwn是黑客的术语,意思是“妥协”。就像(Just)他们使用“tango down”来指代被黑和恶意网站一样,他们使用“pwn”来指代被入侵的网站。无论如何(Anyway),由于我们更想知道我们的登录凭据是否安全,因此这里列出了更多网站,这些网站会告诉您您是否被入侵 - 以及针对哪些服务:
这些服务可能面向一种或多种电子邮件服务,因此可能不是完整的列表。但是您可以使用它们来再次确认您的疑虑。
被黑客入侵后该怎么办
首先是检查您是否仍然可以访问该帐户。如果是,请继续更改密码(change the password)。不仅如此,即使没有关于网站被入侵的报告,也要更改您一直使用电子邮件地址登录的所有其他网站的密码。这将增加您的安全性。
以下是我们创建的有关登录凭据被泄露或被黑客入侵时该怎么做的文章列表:
- Facebook帐户被黑(Facebook account hacked)
- 谷歌账户被黑(Google account hacked)
- 推特账号被黑(Twitter account hacked)
- 微软账户被黑(Microsoft account hacked)。
如果您有任何其他意见,请与我们分享。
Stay safe!
Find out if your online account has been hacked & email & password details leaked
Until ѕomething big happens, we often take things lightly. We know our passwords need to be strong, so we made them strong and think we are safe with the different websites we use in our daily life. But then, hасkers or cybercriminals come up with methods to explоit vulnerabilities in the ѕystems of these websites, hack your login infоrmation аnd either misuse it or post it oрenly for others to see it. This article cheсks out ѕome sites that can helр you know if your information waѕ hacked or рwned or compromised.
Have I been Hacked or Pwned
Every now and then you here report that some email service providers, some social accounts or som other online accounts have been hacked and passwords leaked. Here are a few trustworthy links where you can check if your account was hacked or compromised.
Data breach checker websites
1] HaveIBeenPwned.com
HaveIBeenPwned.com is the first place to check if your login information is stolen when you hear any news about some website being compromised. It lets you check several account breaches including Gawker, Forbes, Mail.ru, Yandex, BitCoin, etc. The site is run by Troy Hunt as a passion and as a social cause. He updates the website frequently with lists made public and the Usernames and Email IDs stolen by cybercriminals, who claim to have compromised a website. Mostly, the data comes from pastebin.com which is the favorite site of hackers, to paste the information they stole. In other cases, Hunt collects it from other places and updates his website so that you can check out if your login credentials were stolen. A difficult task for Hunt, but his passion makes it easier.
You may doubt and ask – is it an email harvesting site? But so far, no complaints have been made by anyone, so you may assume that the service is indeed genuine. The site does offer to store the email if you opt to be notified of any breaches. But I do not think personally that they will use your email for any purpose other than auto-notifying you.
Read: How do I know if my Computer has been Hacked.
2] PwnedList.com
Another website run by a bunch of enthusiasts is Pwnedlist.com. With over 366,967,703 entries, the website tells you if your email was ever pawned by hackers in the recent past or present. The email IDs you enter into the search system are stored. This is stated on their FAQ page. But, they say, that this information is stored only for two purposes. The first is to crawl the web to see matching email IDs for breaches. And the second is to notify you of the breach if your login credentials are found breached by any hacker who opted to post anywhere on the Internet.
The company says that they also get inputs from third parties whose job is to find breaches. As a result, they have a huge database as they are thus in a position to tell you if you were pwned at any point in time.
3] LastPass.com
LastPass is an online password storage provider and password generator as well. Most of these passwords are unmemorizable and are hence, unbreakable (or almost unbreakable). LastPass also lets you know if your login credentials were hacked. The process is simple with Lastpass, as it is with the above-mentioned websites. Just append the name of service or website to http://lastpass.com. You can check for breaches in Gmail, LinkedIn, LastFM, Adobe, eHarmony, etc.
For example, to find Gmail breaches, it would be http://lastpass.com/gmail. Once you are there, you will be given a text box to enter your email ID. Upon entering your email ID, it searches the database and lets you know if it was ever breached recently. Likewise, you can check for other services at https://lastpass.com/linkedin, https://lastpass.com/lastfm, https://lastpass.com/adobe, https://lastpass.com/eharmony and so on.
Read: Check the Strength of your Password using Password Strength Checker Tools.
4] Hasso-Plattner-Institute
The Hasso-Plattner-Institute runs an email checker that checks if your email was in any of the leaked data. Every day personal data is stolen in criminal cyber-attacks. A large part of the stolen information is subsequently made public on Internet databases, where it serves as the starting point for other illegal activities. With the HPI Identity Leak Checker, it is possible to check whether your e-mail address, along with other personal data (e.g. telephone number, date of birth or address), has been made public on the Internet where it can be misused for malicious purposes.
Other sites that tell you if you have been hacked
Pwn is a hacker’s term to mean ‘compromise’. Just like they use “tango down” to refer to a hacked and mal-faced website, they use ‘pwn‘ to refer to a compromised website. Anyway, since we are more interested in knowing if our login credentials are safe, here is a list of more websites that tell you if you were breached – and for which service:
- lookup.gibsonsec.org : SnapChat, etc.
- securityalert.knowem.com : Gmail, etc.
- isleaked.com : Supports Dropbox too (UPDATE: Discontinued).
- breachalarm.com : This site tells you if you need to change your email password. You can register for an Email Watchdog account to be notified immediately if they spot any of your email addresses in future breaches.
These services may be oriented towards one or more of the email services and as such, may not be complete lists. But you can use them to reconfirm your doubts.
What to do when you have been Hacked
The first thing is to check if you still have access to the account. If yes, go ahead and change the password. Not only that, change the password for all other sites where you have been using the email address for login even if there are no reports of the websites being breached. That will add to your security.
Here is a list of articles we created on what to do when login credentials are compromised or when you are hacked:
- Facebook account hacked
- Google account hacked
- Twitter account hacked
- Microsoft account hacked.
If you have any additional inputs, please share it with us.
Stay safe!