Online Security

Page may contain affiliate links. Please see terms for details.
bruce1530

bruce1530

Guru
Location
Ayrshire
classic33 said:
Not an accurate result. Used one known to have been hit/abused and it comes back as clear/no problems
Click to expand...
It doesn’t list every compromise - only those where the list of names has been made available, either in public or privately to the site. It’s got most of the big ones - linkedIn, adobe, etc.
 
classic33

classic33

Leg End Member
bruce1530 said:
It doesn’t list every compromise - only those where the list of names has been made available, either in public or privately to the site. It’s got most of the big ones - linkedIn, adobe, etc.
Click to expand...
Try searching "Barclays, hacked"
Image2.jpg
 
bruce1530

bruce1530

Guru
Location
Ayrshire
that’s not how you use it. You give it an email address, and it tells you whether that address has been released in some way.

For example, if I put in my “home” email address, I get:

hibp.jpeg


If I do the same with my work email, I get 5 results...
 
classic33

classic33

Leg End Member
bruce1530 said:
that’s not how you use it. You give it an email address, and it tells you whether that address has been released in some way.

For example, if I put in my “home” email address, I get:

View attachment 373855

If I do the same with my work email, I get 5 results...
Click to expand...
bruce1530 said:
that’s not how you use it. You give it an email address, and it tells you whether that address has been released in some way.

For example, if I put in my “home” email address, I get:

View attachment 373855

If I do the same with my work email, I get 5 results...
Click to expand...
Company name only. E-mail address I know has been abused comes up clear.
adobe.jpg
 
Alan Frame

Alan Frame

Gnu
Location
Lost In Space
Alan Frame said:
View attachment 373856

As a result of the TalkTalk hack, I am reminded approximately a dozen times a day that I have been pwned.
Click to expand...

The question is, what exactly can you do to safeguard yourself once you've been pwned?

Short of completely changing my email address with all the various people and companies I have dealing with, so far I:

*forward the scam email to the legitimate organisation being hidden behind, for them to be aware/investigate
* never click on a link in an email, but go to the website instead
* refuse to use mobile banking apps as I just don't trust them
*have changed passwords for everything I can think of to very random sets of numbers, letters in upper and lower case and symbols [ right pain in the proverbials logging in of course]
* try to only check emails when on my laptop as I find it is too easy to accidentally click on something like a malicious link, say by fumbling the phone or being distracted.
* generally being aware that the Beloved Reverend is never going to be sending me $247,000,000 out of his charitable fund

Is there anything else that I can do to safeguard myself, as the scams seem to be getting more and more sophisticated?
 
Last edited:
Tin Pot

Tin Pot

Guru
Alan Frame said:
* refuse to use mobile banking apps as I just don't trust them

* try to only check emails when on my laptop as I find it is too easy to accidentally click on something like a malicious link, say by fumbling the phone or being distracted.
*
Click to expand...

This is actually the opposite to the professional advise I would give.

Firstly use a phone with a closed, proprietary operating system, secondly ensure the phone is never jail broken and thirdly updated immediately/automatically as a release is made.

This gives you a device that is fundamentally more secure than your average laptop.

Mobile applications delivered to such a device are also fundamentally more secure. For starters the development of mobile banking is done in a state of paranoia :smile:. They run is a mode that is completely different and consequently more secure than on laptop operating systems.

Lastly, the incidence of compromise of mobile devices, platforms and apps is much much smaller than laptops and desktops - so you're operating in a less risky threat landscape.
 
Tin Pot

Tin Pot

Guru
Diogenes The Sarcastic said:
With news that another organisation has been hacked and personal details lost, is it time to start fining companies that suffer such lapses in security? Maybe a financial guarantee per user?

http://www.bbc.com/news/technology-41286638

Or does this already happen? All I seem to get (not with this example) is a mealy-mouthed apology.
Click to expand...

Four, five and six figure sums this quarter:

https://ico.org.uk/action-weve-taken/data-security-incident-trends/
 
twentysix by twentyfive

twentysix by twentyfive

Clinging on tightly
Location
Over the Hill
twentysix by twentyfive said:
How do I know if my (personal) details have been stolen?
Click to expand...

Tin Pot said:
That's actually quite a broad question - I would ask what is the info you don't want other people to know?

For me, my name, address, sex, age and date of birth are not secrets.

My credit cards shouldn't be out there, though my bank refunds their misuse.

And I wouldn't want other people reading my emails.
Click to expand...
Stolen is maybe the concern. It implies an intent to misuse.
 
srw

srw

It's a bit more complicated than that...
Dan B said:
If it were possible to opt out of appearing in credit reference agency's files, then sure, this would be an option. But in the real world i doubt the various lenders, landlords, etc, who use Equifax to check whether you're a bad credit risk care overmuch whether they have let all your data get stolen
Click to expand...
You think wrong. I suspect you'll find a lot of big firms dropping Equifax like a hot potato. That's partly fear of being dinged themselves for lost data, and partly because they know that their own reputation for looking after customer data is too valuable to entrust to someone who has screwed up.
 
MacB

MacB

Lover of things that come in 3's
Location
Farnborough, Hampshire
srw said:
You think wrong. I suspect you'll find a lot of big firms dropping Equifax like a hot potato. That's partly fear of being dinged themselves for lost data, and partly because they know that their own reputation for looking after customer data is too valuable to entrust to someone who has screwed up.
Click to expand...

That wasn't how I was reading Dans post, I took it to mean that we are relatively powerless as individuals to combat the storage of our data for business purposes. The big firms don't care about us they care about their ability to make money.
 
srw

srw

It's a bit more complicated than that...
MacB said:
That wasn't how I was reading Dans post, I took it to mean that we are relatively powerless as individuals to combat the storage of our data for business purposes. The big firms don't care about us they care about their ability to make money.
Click to expand...

The first sentence is why regulators exist, and why the powers of European information regulators are being very significantly strengthened. Even if our idiot government cuts off all regulatory ties with the EU businesses will still be following European rules for the foreseeable future if they want to trade in Europe (and many of them do). And the second sentence, as I'm sure you know, is less true than many of the more sloganising radicals would want to admit. It's easier to say "all business wrong" than to acknowledge that business has increased prosperity and that there are many ethical people with a very significant influence over business.
 
You must log in or register to reply here.

Similar threads

Drago
The Forthcoming Online Safety Act
Replies
50
P
Big Brother or Security Risk ... Strava
Replies
4
night cycler
Advice about listing my bike online, and ebay's changes to size & colour of text limitations.
Replies
0
Chris S
Checking-in online
Replies
2
Top Bottom