A majority of online users have had some of their personal identity data exposed in one of the thousands of major breaches that's occurred in the last few years.
The amount of threatening messages hackers are sending to inboxes continues to increase. These phishing attempts either claim a new breach has already happened, or a user needs to pay to keep potentially damaging information from being made public soon.
When you receive a message like this, hackers often claim to have access to one or more of the following:
1. Your login to various company or financial accounts.
2. Access to your PC, including files and folders.
3. Knowledge of your browsing history, along with screenshots or webcam videos of visits to potentially embarrassing sites.
The purpose of these reveals is to scare the reader into taking quick action--usually paying some fee via bitcoin or some other online funds transfer in order to avoid further exposure.
What Should You Do When You Get These Emails?
1. Avoid clicking any links in the email and do not reply. Do inspect the email for signs of a phishing scam (misspelled words, strange domain names, links that go somewhere other than they say when you hover over them, etc.)
Our customers have an Outlook add-in, called Phishing Line that performs a lot of this detective work for them. If you're not sure if an email is legit or not, it's always a good idea to show it to an IT professional or someone who has completed training in spotting phishing scams.
2. Change your old passwords to something new and complex. We recommend using a password management tool like LastPass.
3. Check to see if you have an account that could have been exposed in a data breach.
4. Enable multi-factor authentication across all devices.
5. Take the time to educate yourself on common phishing attacks.
Personal data from old breaches is out there for hackers to get their hands on, but if you take some proactive steps to protect yourself now, you can limit the amount of access the bad guys can get.