Message that my email has been hacked but no website listed

I got an email that said my email had been hacked and on several of the sites I could see the site address. However, a number of them just said my email address with no internet address for the site it had been hacked from. What should I do?

Thanks,
Hilary

Check email and password here

Email https://haveibeenpwned.com/

Password https://haveibeenpwned.com/Passwords

Password generator https://my.norton.com/extspa/passwordmanager?path=pwd-gen

A good place to check.
https://www.avast.com/hackcheck
If you’re using Avast Passwords Manager, it has a built in password generator.

@ Hilary13
I would first question the source of that email and if you had actually initiated/requested such a check ?

The reason I asked is the email in itself could be trying to provoke a response, I certainly wouldn’t respond, by email, telephone or website in any unsolicited email.

I guess it was one of the usual sextortion scam that want you to pay with bitcoin ?

Video with samples here https://www.youtube.com/watch?v=M7ybCrkracM

Sextortion Scam Uses Recipient’s Hacked Passwords
https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/

https://www.bleepingcomputer.com/news/security/new-sextortion-scam-pretends-to-come-from-your-hacked-email-account/

https://www.forbes.com/sites/thomasbrewster/2018/07/31/sextortion-scam-with-hacked-passwords-scores-250000-dollars-for-cybercriminals/

https://nakedsecurity.sophos.com/2018/07/13/sextortion-scam-knows-your-password-but-dont-fall-for-it/

https://blog.barkly.com/sextortion-email-scam-spoofing-password

Which is exactly why I mentioned it, unsolicited email should be treated with the highest level of suspicion.

99.999% of all unsolicited emails are trash and that other .001% should be treated with extreme caution.

I’m an equal opportunities kind of guy, they all get treated with equal suspicion :slight_smile:

Agree too ^ ^^.

This almost certainly a scam/phishing/low level ransom shaming attempt of some sort. If you contact them all you’ll be doing is confirming that your email address is valid and in use. One dreads to think what you’ll start finding in your inbox from then on.

Just like those unsolicited telephone calls you can get from ‘Microsoft’ or somebody who claims to be from your ISP about unspecified security compromises and want you to hand over control of your PC so they can fix it for you. Laughable but plenty of people fall for that kind of thing every year.

The answer to what you should do is always nothing. Ignore it, blacklist the sender’s address and delete the email, and if they try again report it to your ISP who usually have some sort of facility for doing that.

Thanks, all, for your help. The email actually said that my password has been leaked (I guess that may be different than being hacked?). Would your advice be different?

I did check on Have I Been Pwned, and they said that email account hasn’t been pwned.

Thanks so much for your help! I so appreciate it,
Hilary

Hi, follow the link in Reply #2 from Bob.