I know your password! It's...

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

what would you do if someone sent you an email and the email had your real password may have been a password you used a few years ago but it's still your password you wonder how someone could have got hold of your password but then you notice the email also has a threat in it the email goes on to say that you had visited a porn website which had malware on it and through that malware this person was able to get remote desktop access to your computer and they had installed a key logger and that accessed your display screen and webcam the email also says that this person has gathered all your contacts from messenger Facebook and email whoever this is is demanding a payment of thousands of dollars to keep this a secret I'm they're demanding payment via Bitcoin to make sure the transaction is completely anonymous the problem is that people really are getting these emails at the moment and it's an ever more popular scam critical alert from Oregon I have heard from lots of people particularly over the last six months that they have received these blackmail emails they're always of a similar format somewhere in this email will be your real password and that will begin to make you think that perhaps these people do really have information about you some will just ask for money others will ask you to perform for them in front of a webcam so how exactly do these blackmailers or six torsion 'us get your password in the first place where does it come from the answer is it's a data breach on this representation on screen taken from information is beautiful and as a link below shows which organizations have been compromised in some shape or form in the last 10 years each of the circles represents just how much data has been breached and it's not always because the system has been hacked sometimes this is an inside job sometimes somebody's just left information or a device right in the open but other times it's just a lack of secure or even somebody has misconfigured a web server potentially leaving all of your sensitive information in the open so potentially your email address and its associated password has been breached in one of these databases now your personal details can be bought and sold freely on the dark web so how are you going to know if your email address and password is available to scammers well there's a website called huff I been poned calm and this is owned by a guy called troy hunt and I've left a link to this in the description here you can type your email address hit pwned and see if your email address has indeed been breached whether it has or not the advice on better security is always worth taking the advice that it gives is to have a different password per website something that's not always easy and to enable two-factor authentication but more on this in a second the website also gives a lot of information on recent data breaches and if you use one of these websites your best to heed the advice on having a different password pair website at the bottom of the page it gives the details about where your email address and password were find and if you do find your email address in there you're in good company at present there are 5.6 billion email address and password combinations already leaked and unfortunately this is a sign of things to come even if you've never received an email like the one I showed at the start of the video you're almost bind to get one in the near future and this is because breaches are sadly inevitable and it's not just the small companies most of the huge data breaches are from very well-known companies like Yahoo or in this case LinkedIn I personally know two people who have had the threatening email with their LinkedIn password they at least be able to identify the source of the leak so if data breaches are inevitable what can you as an individual do to minimize the impact of these breaches the first very obvious way is to have different password on each website and that will mean you only need to change the password just once on the site which has been breached but of course we've all heard the recommendations on what to use as a password ask me private secret easily remembered at least eight characters a mixture of upper and lower case with digits and symbols not using a dictionary not guessable and so on and of course you've got to do this for multiple websites personally I have at least 50 passwords and I'm not going to remember all of these particularly if they have to be in the right format so that they're not easily crackable so how do you go about solving the problem of having a secure password memorable and different for every website to use the answer is a password manager a password manager is a bit of software which ideally runs on all the devices you use and will generate secure and unique passwords for every website so instead of having to remember multiple strong passwords you only have to remember just one and the password manager that I use is called - lien and to be totally transparent - lien or sponsoring this video but I'm happy to endorse something I use on a daily basis and the reason I use it a lot is not only will it generate and automatically fill these passwords into relevant websites but it will also check if your username and password appears anywhere on the dark web and it even includes a VPN feature which is available in the premium version and you can try out - lien yourself by going to - then com / Jim browning and it's in the description and use the code gem running at the checkout for a 10% discount on the premium version so what should you do if you get one of these extortion emails first of all don't panic either to know that the passwords have probably come from a data breach and there's nothing to do with any webcam or key logger access you know your private data is probably safe however you should just do a virus scan just in case the one which is built into Windows 10 Windows Defender is more than adequate for detecting if anything nasty is installed on your computer next you should tip over your webcam when it's not in use you can even buy products which will look a little bit less on cycling and duct tape over your webcam but it is something that you should do next if you ever do get an email like this never ever pay even if the cyber criminal did have something on you there's no guarantee that making a payment would have any difference you should also reset the password if you recognize the website that it came from or if you've used it multiple times make sure you do that on every website where it's been used lastly turn on two-factor authentication wherever you possibly can to factor is simply a way that you can verify a login or a transaction on your mobile device with this even if your password did leak on the dark web you need to verify the transaction or login lastly do consider updating your passwords it's a real pin but something like - Lee and makes the process a lot easier it will help you identify which passwords are weak and please consider changing these unremember you can try out - then yourself using - then calm sot jim browning it's free for 30 days and if you decide you'd like the premium version remember to use the code jim browning for that 10% discount at the checkout so if you ever do get one of these emails in the future at least you'll know what to do and what not to do thank you again to all my supporters on patreon unter - lien for supporting this particular video check out my Twitter feed out Jim browning 11 once again thanks for watching [Music] [Music]

Info

Channel: Jim Browning

Views: 1,481,569

Rating: 4.9243145 out of 5

Keywords: Password Scam Extortion Sextortion Dashlane Fraud Scary email My password

Id: 1JDCbq9Uq5o

Channel Id: undefined

Length: 9min 4sec (544 seconds)

Published: Thu Jan 03 2019