Tech Lingo
Cyber Security

Over 770 million email addresses exposed: How to safeguard yourself

An internet security researcher, Troy Hunt, has recently highlighted that a total of 772,904,991 unique email addresses have been exposed. This large collection was even nicknamed “Collection 1” by Hunt. Originally consisting of email addresses and passwords totalling 2,692,818,238 rows, it has been making rounds through a popular cloud service called MEGA (data has already been removed). The original set of data was then refined by filtering out possible duplicates by applying different techniques.

How to check if your email address has been compromised?

Simply head over to https://haveibeenpwned.com and enter your email address. This site helps you to perform a search and displays the list (if any) of breaches that you were “pwned” in. If you are uncomfortable keying in your email address into this site, just make sure to follow the tips below to stay safe.

"<yoastmark

What should you do?

If you find that your email address is included in any of these lists, we strongly suggest you immediately change your passwords for all online accounts associated with that email. If not, hackers could make use of the stolen data to hijack your online accounts. In fact, most of us use the same password for all our other accounts – so you know what that means.

Even if your email address isn’t inside any of those lists, you should not let your guard down. Always be careful on which site you are signing into with your account. There has been a rise in phishing sites targetting Singaporeans with fake DBS/POSB websites. In reality, these sites actually record the username and passwords that you entered and immediately attempts to hijack your account.

Some tips to stay safe

  1. Use 2FA (Two Factor Authentication) whenever dealing with sensitive data. An OTP (one-time password) is usually sent to you upon login. This prevents someone else who might have knowledge of your password from logging in. A word of caution: Never share this OTP with anyone even your family/friends. There have been occasions where WhatsApp accounts have been hijacked and hackers impersonate someone close to you. This “friend” then message you asking for this OTP password which you receive on your phone. If you share the OTP with that “friend”, your WhatsApp account gets hijacked as well. This vicious cycle carries on to everyone else in your contacts.
  2. Use a Password Manager (e.g. 1Password, LastPass, etc.) to help you generate unique and strong passwords for each online account. You won’t have to remember the passwords as these Password Managers have mobile applications allow you to sync them across your devices.
  3. Always check the URL of the website you are on especially when signing in to an account. It must have a secured HTTPS connection and a correctly spelt URL. We cannot emphasize this enough!
  4. Always check where your emails come from. There are emails claiming to be from your bank notifying you that your account has been “locked” and immediate action must be taken. It usually directs you to a fake website that steals your login info. If you are uncertain, contact the bank via phone directly.

Comments

Kyle Huang Junyuan

Innovation and its ability to make an impact on the world has always fascinated me. It is my life goal to understand how technology works around us in the hopes that someday, I could actually make the dreams of mine and others into reality. I genuinely crave to address challenges with the use of technology to improve lives by making a positive difference in the world. No future that we dream of is impossible if we set our mind to it.

Subscribe to us on YouTube!

All our video reviews are on our YouTube channel. Be sure to stay subscribed to get the latest tech reviews and recommendations right here in Singapore.