Bloggista

How to check if your email account is compromised, and fix it

Spread the love:

With the shocking news in September 22, 2016 that Yahoo finally admitted to a widespread data breach involving some 500 million user accounts, and the recent massive emails and data breach at Verifications.io it is time that everyone should take data and account security very seriously.

Most of our online accounts are registered using an email, and chances are, if you happen to use Yahoo email, that your account is one of those accounts breached.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said in an statement.

Yahoo have joined LinkedIn as well as Dropbox as of late in the list of popular websites which were compromised – probably with the biggest number of accounts stolen (estimated at 500 million). LinkedIn breach involved some 117 million accounts, while Dropbox had 68 million accounts and passwords leaked.

Just before the May 2016 Philippines Presidential elections, the COMELEC voters information website was also hacked with data on 55 million Filipino voters leaked publicly which included personal sensitive information such as biometric data and fingerprints, dates of birth, email addresses, family members’ names, genders, job titles, marital statuses, names, passport numbers, phone numbers, physical addresses and physical attributes. The breach however, only included 228,000 email addresses.

How can you check if your email account is breached, worse, is posted somewhere? Troy Hunt (@troyhunt), Microsoft Regional Director and MVP for Developer Security have developed a website which checks various online databases of leaked accounts.

HAVEIBEENPWNED.COM allows you to check your email account if it has been compromised in a data breach. It gives information the source of the data breach if your account happens to be part of a leak.

What to do if your email account is compromised? 

Securing your account should be a top priority. The below steps can help you start securing your accounts to prevent unscrupulous individuals to take advantage of your sensitive personal information and avoid credit card fraud, identity theft and other malicious and illegal activities.

  1. Change your password ASAP.
  2. Create a strong password, and should be unique for each account. It should be a mix of letters, numbers and symbols. Check here for a guideline in creating strong passwords.
  3. Never share your password to anyone.
  4. Change your passwords regularly.
  5. Setup 2-step verification of your email accounts. Popular email providers like Gmail and Yahoo have 2-step verification features to act as extra security protection. Every time you sign in from an unrecognized device or computer, you’ll be asked to enter the verification code that is sent to your mobile number.
  6. Maintain at least 2 emails. One email to be used for online accounts for social media, gaming, subscriptions and other public websites, while another email to be used only for private or personal purposes like online banking, credit card statements and other sites which require you to maintain sensitive personal information.
  7. Minimize if not avoid using public wifi to access your accounts associated with sensitive information.
  8. Be mindful of fake sites and other unsecured sites that may inject your computer or mobile devices with viruses and malware and can compromise not just your email account but your entire data.
  9. Do not open emails and attachments from unknown people or sources. Be mindful of social engineering tactics which are aimed to harvest sensitive personal information.
  10. If you are engaged in a business, or employed, never use your business or company email to create social media accounts and to subscribe to online newsletters and publications.

Data security should be everyone’s concern. Awareness is key to ensuring your accounts and sensitive personal information are safe. When you suspect that your account is compromised – follow the above steps.

~

‘Massive’ 808 million emails and data breach at Verifications .io

Spread the love:

A massive number of emails of about 808 million with personal information were leaked online when a public MongoDB was kept without a password by an “enterprise email validation service provider” Verifications.io.

Compromised data were Dates of birth, Email addresses, Employers, Genders, Geographic locations, IP addresses, Job titles, Names, Phone numbers, Physical addresses of individuals.

The discovery was made by Bob Diachenko of SecurityDiscovery.com on February 25, 2019.

According to HaveIBeenPwned – an online service which detects and reports if your email has been part of a data breach –

In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. No passwords were included in the data. The Verifications.io website went offline during the disclosure process, although an archived copy remains viewable.

— HaveIbeenPwned

How does an Enterprise email validation service like that of Verifications.io works?

  • Someone uploads a list of email addresses that they want to validate.
  • Verifications.io has a list of mail servers and internal email accounts that they use to “validate” an email address.
  • They do this by literally sending the people an email. If it does not bounce, the email is validated.
  • If it bounces, they put it in a bounce list so they can easily validate later on.

For more information about this data breach, click here for Bob’s blog post.

To check if your email is part of a data breach, go to HaveIBeenPwned website.

Image courtesy of www.securitydiscovery.com

Creating a Good Brand Online through Social Media Engagement

Spread the love:

As mentioned in the previous two articles, one of the most effective virtual branding tools is the social media. Obviously, it’s a great avenue for promoting blog posts, increasing readership, gaining followers, and improving blog stats.

Unfortunately, not too many bloggers understand how to utilize it to their advantage. To enhance blog branding using social media, keep your content similar to what you have on your blog.

People already familiar with your blog can easily identify your brand when they see it in social media. If you don’t remain consistent with your brand image, this may cause confusion and result to unimaginable drawback to your blog.

The importance of being selective with what you post in social media cannot be undermined. If you post only about specifications, people may think you’re only after the stats. Let your voice be heard in your posting by providing a personal touch to your content.

Follow and connect with potential readers who may be interested with your two cents to find out how you can build a relationship with them. In doing so, you have to be cautious in avoiding these common mistakes on social media:

  • lack of specific targeting
  • not acknowledging people for sharing content
  • poor timing
  • wrong choice of hash tag to use

Taking the route of blog branding using social media is not difficult if you know how to take advantage of it. Start small by posting quality content which people will patronize for the information, and will recall for the personality and values you’ve injected.

Creating a Good Brand Online with Your Blog

Spread the love:

Bloggista.com started as a make money online blog, exploring different ways in making money online like affiliate marketing, paid reviews and advertising.

Then came the SEO madness where this blog was used to experiment getting traffic from popular searches, making it virtually a “no value” blog due to inconsistent contents.

It did generate “some money” in the process, however it was short-lived, and Bloggista.com lost its “identity.”

Right now I am embarking on re-branding this blog, focusing mostly on my favorite topics on business resources and tools like cloud computing and big data, applying blogging and social media engagement techniques I learned over the years to earn some followers and reach, targeting those who are new or aspiring bloggers either for personal or business purposes.

Moving on, the previous article discussed about the need to establish a personal blog brand, and build your brand online using social media. Once you already have a blog, it’s safe to say you’re a step closer towards the goals you have set as a blogger. The idea now is to improve your blog continuously. How can you do that?

First, your blog should be informative enough to both educate and entertain. Giving tips, trivia, and instructions are what keep the audience engaged with the blog.

Interweave the blog with personal experiences to tap the audience’s tendency to relate with articles built on emotions. However, keep in mind that it’s one thing to post occasional rants, but it’s another create an impression that you’re maintaining a “hate blog”.

Finally, the blogs must come on regular basis to get hold of readers. Finding that there is always something to wait from the blog will make your audience wanting for more.