There's a good Samaritan named Atechdad out there keeping an eye on your digital security. The online do-gooder has scoured the Internet for stolen passwords and notified nearly 98,000 people that their accounts may be compromised. His emails may appear spammy at first, but if you receive one, don't delete it. The message could contain critical information about your online security.
Atechdad runs a site called urhack.com that's basically a gallery of websites that have been hacked. Since he comes across a lot of stolen passwords in his line of work, he decided to notify people if he saw their email addresses and passwords publicly available online. That way they could update their account information and keep cybercriminals from stealing their stuff.
I run across lots of passwords on the webs. Passwords to bank accounts, Netflix accounts, email accounts - you name it ... I wondered what would happen if I just emailed this information to the people who owned it.
So, he did. Atechdad looked in the dark corners of the Web for compromised passwords and account information. He then sent emails to 97,931 people to the let them know about possible issues with their password. Sadly, most people just ignored his warning.
How many people paid attention to Atechdad's warning? Just 50. That's right, out of nearly 98,000 emails, only 50 users acknowledged receiving the message. And, 41 of those people did so by unsubscribing. In the end, only 9 people said thank you to Atechdad for helping them keep their accounts safe.
But, that isn't stopping him from keeping up the good work, and he plans on doing it again soon. Take a look at one of the warning he sent below.
From: <canary urhack.com>
Date: Tue. 19 May 2015 06:12:41 -0400
Subject: Your account may have been compromise&
To Whom It May Concern: An account associated with this email address may have been compromised. This email has been sent as a warning.
If these credentials match any you are familiar with. we recommend that you change your password as soon as possible. Otherwise. please disregard this message.
The scripts that urhack.com is powered by routinely come across sensitive information which has been published publically. This is usually the result of a hack. social engineering attack or phishing campaign. Many people may not know their accounts have been compromised. We send these emails as a service to let people know so they can take action.
If you do not wish to receive these notifications in the future. please unsubscribe. We will not bug you again. Promise.
Even though Atechdad was just trying to help, I can see why many folks would be skeptical of his message. It contains a few red flags I've told you to look out for in scam and phishing emails such as the typo in the headline. Hopefully, he'll proofread his work next time to avoid spooking any of the people he's trying to help.