The dark web and security questions (1 Viewer)

[Bayouboy]

I consider myself fairly knowledgeable about computer matters, but I'm unsure if I could potentially be "at risk" with a gmail account.

Long story short, at some point my favorite gmail was hacked. I found out two ways. First, when trying to sign up for twitter for the first time (I was late getting in on that platform), it said my email had been banned or suspended for suspect activity. I had never signed up before, so I sent a few messages to inquire. Anyhoo, apparently someone outside of the country had used my email address to spam folks or something. I changed my gmail password and lived my best life. After seeing a few people I know get their identities stolen, I decided to purchase "ID theft" insurance through Zander. It was here, during my initial setup that their software flagged my gmail as suspected to be compromised. The details read something about the dark web and such. So, I changed my password again and now I used two factor authentication to log in.

My question is since someone has gained access to my email at some point, can they get back in through a "back door" bypassing the regular login credentials? Is this particular account compromised for good? This is not my primary email address, but it probably is my #2 account. I don't have a lot of sensitive stuff on this address, but I do purchase things using that address. I'm worried that I could be leaving the door open for a full ID theft if someone can access it without me knowing.

I'm also clueless about the dark web. If anyone has insight, please share. Move to tech board if warranted.

Thanks in advance.

 

[GeauxWhoDats]

I am sure a few of us can help out. Post your login and password so we can go take a look at your settings.

 

[MLU]

You should be fine with two-factor authentication, but you might want to change your password regularly, too.

 

[SaintRob]

I'd check the "recovery email" setting to see if you recognize that email address.

 

[boutrous]

It's also possible they spoofed your email address and did not ever access it directly. That means they sent email out of a server and put your email address as the sender, but didn't actually log into your account and send it from gmail. This could cause your email address to get flagged, but the information in your account could have never been compromissed. Even if it was, now that you changed your password and use 2-factor authentication, you should be good from them getting back in. As SaintRob said, just make sure your recovery email address is one of yours.

 

[Bayouboy]

Cool. Thanks for the input!

 

[Jeff Miller]

first, there is no such thing as "the dark web". Hackers can and do try to access you data in a multitude to ways that include web sites, email, texts across multiple platforms.

If you don't need to use that email, then i'd discard it and get a new one.

I recomend multiple emails for you use.

One just for financial transactions
one just for family and friends
one for work
and one for generic internet usage

that way if one is compromised, the rest aren't.

and use strong passwords.

 

[boutrous]

first, there is no such thing as "the dark web". Hackers can and do try to access you data in a multitude to ways that include web sites, email, texts across multiple platforms.

If you don't need to use that email, then i'd discard it and get a new one.

I was going to go into that, but decided against it LOL

I recomend multiple emails for you use.

One just for financial transactions
one just for family and friends
one for work
and one for generic internet usage

that way if one is compromised, the rest aren't.

This is good advice

and use strong passwords.

This is the best thing you can do, even better than changing your password often. If you are constantly changing your password, you are going to make it shorter and easier so you remember it. Use a long strong password to begin with, maybe even an extended phrase and you won't have to change it as much.

 

[Charlie Brizzown]

The dark web is like the dark alley where criminals go to interact with each other, usually to buy/sell/trade your information. These identity theft protection services scrape the dark web looking for sensitive information to warn their users that some of their information is being passed around by criminals in the dark web. In your case, it means your email address was discovered in some database being passed around by the criminals.

You've changed your password and setup two factor authentication. Make sure you change all your password recovery questions and backup contacts for that account, then that email account should be safe again.

If the password used on that gmail account was used anywhere else I'd change those passwords as well. Also, if you used that gmail account to sign up to any other accounts, you need to go through the above process for all those accounts as well. Criminals may have gained access to those accounts by using password recovery to that email address.

 

[Waymer]

and use strong passwords.

StrongPassword1

 

[Twyst]

first, there is no such thing as "the dark web".

The dark web is absolutely a thing. There are tons of unindexed web pages out there and there is a reason TOR is a thing.