Scammers Will Use Your Leaked Passwords Against You

Data breaches are serious events in more ways than one. Of course, your passwords being out in the open is a huge security risk, since bad actors can use them to break into your accounts. However, there’s another nefarious way scammers use your stolen passwords against you, and you need to be aware of it.

If a scammer gets a hold of one of your passwords—especially if you used that password multiple times—they consider you a prime target for this ransom scheme. A scammer will send you an email with your stolen password in the subject line. They want you to think they’ve got you. After all, they know one of your secret passwords; what else could they know about you?

From here, scammers could try all sorts of tactics to scare you, claiming they have compromising information on you, or that they’ve stolen even more of your personal data. Being kind scammers, they will not release that information to the public if you wire them money, usually in a cryptocurrency like Bitcoin.

Do. Not. Pay. This scam is recognized by the FTC, and poses no actual threat. You can simply delete the email, or report it to the FTC.

This does, however, highlight the importance of keeping your passwords up-to-date, and listening when you are informed one of your accounts was found in a data breach. Make sure you’re using strong, unique passwords for all of your accounts, so one breach doesn’t give hackers access to multiple accounts.