Online Privacy

Have I Been Pwned? 8 Ways to Protect Your Emails

Internxt

8 min read
Have I been Pwned

Are you worried that your email has become one of over 14 million in a data breach? Then worry no longer! This article will give you all the advice to secure your email account, prevent your email from being leaked online, and minimize the risks of phishing, ransomware, and other cyber threats.  

The first step you will need to take in a have I been pwned situation is to check if your email has been exposed in a data breach. For that, you can check Internxt’s new tool, Dark Web Monitor, a free service where you enter your email address, and we will instantly tell you when and where your email has been breached.

Check it out here https://internxt.com/dark-web-monitor. Go ahead, we'll wait!

Internxt Dark Web Monitor

So, have you been pwned? Here’s what to do, but first, some background about have I been pwned and how the tool works.

Table of contents

  1. Change and check your password strength
  2. Use a temporary email
  3. Use a VPN
  4. Enable MFA
  5. Try alternative login methods
  6. Identify phishing emails
  7. Store personal information securely
  8. Regularly monitor your accounts

What does pwned mean?

The term pwned originated in the gamer and hacker community and was used as slang for owned or defeated in online gaming. It’s commonly referred to as pwned due to a common typo in online gaming when people get too excited and mistype the o for a p, resulting in pwned.

Like most things on the internet, the term pwned became a meme in the gaming world. In the context of cybersecurity, pwned refers to someone’s sensitive information being compromised by hackers due to pwning or hacking large corporations.

What is have I been pwned?

Troy Hunt created Have I Been Pwned in December 2013 to help people identify whether their email had been exposed in a data breach. Like Internxt’s Dark Web Monitor, you enter your email, and both platforms scan a database of known breaches to see if your data leaked online, offering details about the breach, such as:

  • Where, when, and how the leak happened.
  • Compromised data: emails, passwords, password hints, or usernames.

Which may result in a result like this:

Have I been Pwned results

Or, if you follow the guidelines of solid cyber hygiene, you may get a better result like this:

Have I been Pwned results

While have I been pwned is used to inform you about these breaches, Internxt Dark Web Monitor is part of a broader platform of tools and products to protect you online, such as a free password generator, checker, VPN, and private cloud storage, all designed to prevent your email being exposed in future data breaches.

What should you do if your email address has been pwned?

If your email shows up on our Dark Web Monitor, here’s what you can do to prevent further breaches from happening. Even if your email hasn’t appeared, there are some tools from Internxt mentioned in this article that will help you or others secure their presence online.

Internxt is a cloud storage service based on encryption and privacy.

Change and check your password strength

In a data breach, passwords are the grand prize hackers go for to access personal accounts and gain sensitive information, such as names, addresses, phone numbers, or social security details, to carry out identity theft or fraud.

Even worse, if you use the same or similar password for multiple accounts, one data breach can give hackers access to your accounts if you don’t create different passwords.

So, the first step after finding out have I been pwned will be changing your password.

For this, you can go directly from our dark web monitoring tool and straight to our Password Generator to create a strong, unique password or passphrase for your accounts and store them in a reputable password manager.

Internxt Password Generator

To ensure maximum security, you can then use our Password Checker tool to be certain your account is protected and gain valuable feedback about the strength of your password.

Internxt Password Checker

Sometimes, you may not want to give your personal email when signing up for a website. For this, you can reduce the risk of being pwned even further with our following free tool.

Use a temporary email

Internxt Temp Mail creates anonymous emails, allowing you to sign up for services and eliminate spam from your inbox.

The temp email will expire after three hours of inactivity and will protect your personal email from data breach risks. Generate as many emails as you like for free, and ensure your inbox is free from spam.

Internxt Temporary Email Generator protects you from spam.

Use a VPN

Internxt VPN encrypts your data when surfing in high-risk areas, such as airports, cafes, or other public Wi-Fi areas that Wi-Fi hackers target. Aside from that, a VPN can mask your IP address, reducing the risk of doxxing, and the encrypted connection prevents hackers from accessing your email or other accounts.

Internxt VPN is free with no credit card or login required, making it the ultimate VPN for your privacy and a valuable addition to dark web monitoring and online protection.

Internxt private VPN

Enable MFA

Multi-Factor or Two-Factor authentication is an added security measure that must be implemented for all your accounts. MFA requires additional information that a hacker would have difficulty accessing, even if your password is stolen.

This information can be authenticated via:

  • Fingerprint
  • SMS code
  • Authenticator apps
  • QR codes
  • Email code
  • Push notifications
  • One-time passwords (OTP)

For your Internxt Drive account, you can enable 2FA when subscribing to Internxt to ensure your files and accounts remain secure and private.

Internxt is a cloud storage service based on encryption and privacy.

Try alternative login methods

A safer way to log in via email is to use alternative login methods that don’t rely on a password and instead rely on other security methods to verify that you are trying to access your account.

If you have been pwned in the past, this method can be a safer option to prevent further breaches alongside dark web monitoring tools.

Some alternative login methods include:

  • Passwordless login via email magic links
  • Social media logins (e.g., Sign in with Google, Facebook, or Apple)
  • Biometric logins (fingerprint, face, or retina scans)
  • Single Sign-On (SSO) through identity providers
  • PIN codes for specific devices
  • Smartcard-based authentication
  • Behavioral biometrics (e.g., typing patterns or gait recognition)
  • NFC-based authentication
  • Trusted device authentication
  • Passkey (FIDO2/WebAuthn) logins

Identify phishing emails

Phishing emails are the most common way emails are breached and end up on a have I been pwned type tool or dark web monitoring service.

It is, therefore, crucial that you learn to identify these scams, as sometimes hackers will use email spoofing or other advanced techniques to bypass an email’s spam filter.

Common methods to identify phishing emails are:

  • Suspicious sender addresses that don’t match the organization's domain.
  • Generic greetings like "Dear Customer" instead of your name.
  • Using urgent language to create panic or prompt immediate action.
  • Requests for sensitive information, such as passwords or payment details.
  • Poor grammar, spelling mistakes, or unusual formatting.
  • Unexpected attachments or links, especially if they seem out of context.
  • Links that redirect to suspicious or look-alike websites.
  • Offers or promises that seem too good to be true.
  • Inconsistent branding or logos.

With that in mind, can you spot examples in this common PayPal scam phishing email?

PayPal phishing email

Here’s why this email is an example of phishing:

  • Generic greeting and no name specified.
  • Sense of urgency in the first sentence.
  • Grammar and spelling errors.

One of the best ways to prevent your email from appearing on have I been pwned is to spot these attributes of a phishing email, report them as junk to the company so they can prevent further phishing attempts, and notify users if necessary.

Store personal information securely

Finally, when storing or sharing folders online, the best way to keep your emails from appearing on have I been pwned, Internxt Monitor, or other dark web monitoring services is to store all files containing sensitive information with Internxt Drive.

Internxt Drive is a private cloud storage solution for business or personal use that keeps files safe with zero-knowledge encryption, meaning nobody, not even Internxt, can access your files because you hold the encryption keys.

This makes Internxt a more private alternative to Google Drive, who hold control over your encryption keys, meaning they could potentially access your files if required by law. On top of that, Google shares your personal data with third parties, which significantly increases the risk of a data breach.

Join Internxt to store your files in total privacy with any of our annual, lifetime, or family plans, or use our S3 storage solution for your data lake storage at a cost that is up to 80% cheaper than AWS, Azure, or Google Cloud.

Internxt S3 compatible object storage

Regularly monitor your accounts

Once you have taken all these steps, the hard work is mostly done but not over. We recommend changing your password every 6 months or if you suspect a breach to keep your security up to date.

Aside from that, check in regularly to Internxt Monitor to check if you have been pwned so you can ensure your emails are kept safe.

Keeping your email off have I been pwned services

Now you know how Internxt Dark Web Monitor and other free tools can keep your email away from the dark web, all that's left now is to create your Internxt subscription and join our secure cloud storage platform!

Plus, with Internxt Mail and Meet coming soon, you will get the best service available to finally move away from OneDrive, Google, and others and switch to a future where your data is kept totally secure and private.

Protect your privacy with Internxt