Violated and Used by BlankMediaGames, HaveIBeenPwned too?

in security •  6 years ago 

pwnd (1).png

This poor email address of mine has been Pwn'd for like the 9th time now, I literally get 3+ spam emails a minute to that account. I don't use it as much anymore, but I used it for many many years and whenever I get these emails from HaveIBeenPwned I get Goosebumps. It feels like such an invasion, especially since I know the deeper level regarding what scammers/hackers do with this kind of information (and quite a lot of customer information with this one I might add)

This is not major though, at least in my case as I only signed up for an account with this game a very long time ago and only was on the site that one time as I didn't enjoy the game. This was well over 4 years ago and I have been inactive since. It's uncanny how long the internet will hold on to your data, yet a company I used to work for only keeps employee info for 3 months after termination of employment. I tried to retrieve copies of documents that only my old employer would have had because they copied them during my intake, but unfortunately, those copies are long gone from their systems already, and I had them search both digital and physical storage..

I use LastPass for all my passwords so they are never reused, and I change my main passwords (like Google and Facebook) frequently as well.

All the email accounts I use are signed up for monitoring like this from a service offered by HIBP, they will never spam you and only use it to send out emails like this when you are part of a breach.

Stay safe everyone! Time to look into using a password manager (cough https://lastpass.com/f?39449472 cough -- USE MY LINK TO GIVE US BOTH 1 MONTH FREE-PREMIUM!! The free plan is still super amazing too! This is a $2 value and a great way to thank me for this post!)

Additional tips I follow to stay secure:

  • Use a service like 33mail (http://33mail.com/D728Rx3) to create a burner email address that forwards to your main email, allowing you to create addresses on-the-fly, without disclosing the real email to website registrations.
    • You can make a new alias for every site you join, and can use the alias address without first needing to actually 'create' it which gives the added benefit of noticing if the site has leaked your email, since 33mail will be forwarding all the mail that gets sent to your burner aliases, so if you received spam forwarded from, example, "[email protected]" you'll know immediately that the spam came from the cryptocurrency faucet you recently signed up for and they are leaking/selling your info!
  • Might be overkill, but I strongly believe you should never have your browser or password manager save the "Master" password to your password manager. The password for my lastpass stays offline, in my head. This strengthens the need to create backup one-time use codes in case you forget your master though, so do that often and store them offline as well.

  • It's important to enable 2FA on accounts that support it, and if you don't have a smartphone or if you use a Chromebook, like me, there are browser extensions you can use as your 2FA client. I use Authy for this.

  • Sign up for email monitoring at 'Have I Been Pwned', for all email AND any website domain addresses you own that are important to you.

    • If you use the 33mail service that I mentioned above, you would have to monitor each individual alias, if you want to since monitoring the address they are forwarded to won't cut the mustard in this case. I like knowing which of my accounts out there have been compromised in this big online world, of course only the important ones (since I use 33mail for quick signups of things I don't plan to use long-term generally. Out of my ten 33mail aliases so far, only 2 are being monitored.)
  • Have at least 2 main email/gmail accounts, one for personal use for sending mail out to your boss, for example, and another email address that is less serious, for game sites and other miscellaneous.. If you have a business, make a third too!

  • When looking through your email's spam folder (we all do that occasionally to catch any mail that was filtered to Spam by accident, right?) DON'T CLICK OPEN OBVIOUS SPAM MAIL! Also, don't click any links in spam mail. Opening the mail and clicking links can let the spammer know that your address is current and active, which usually leads them to send you more spam or can mean for them that the other info they have along with that account of yours is current too (addresses, passwords etc.). (( There is invisible code they can put within the email that shoots them a message when you simply open the email for view ))

  • Change your email passwords often, and always let your password manager generate a new password for you so that it is complex and so that each account receives a password that is not re-used. NEVER re-use passwords... A lot of people do it and hackers know this and use it to their advantage.. If they get the password for your Spotify account, if it's something like "imlazy321cantrememberALLthesePasswords" it's pretty obvious a password like that might be re-used, so they may try to use it on a Google account using the same credentials.

Ha. That's all I want to say for now. I hope you learned some valuable information from this post. Feel free to share it around. This is the first post I've ever blogged online, so if you liked it, let me know and if you have any questions about anything internet related or about any services/tips I covered in this post, feel free to leave a comment below

Until my urge to write takes over again, remember, #music-always-loops!

🛡🗝📨

This was also posted to my Facebook account

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I do many things to protect myself from problems. For example, instead of using Microsoft or Apple, I use Ubuntu. I try to use a proxy. I try to change my DNS. I try to use encryption. I try to use the best web browser I can. I use Firefox. But, Brave is probably better. I'm saying this because hackers can sometimes find ways onto your computer in order to hack into email, etc. So, there is remote access (backdoors). Most viruses are written for Microsoft. Most computers run Microsoft as an operating system. I don't change my passwords.