Received an alert message?

If you have received an alert message notifying you that a compromise of your credential has been detected, this means that OverWatch has observed your credential somewhere on the internet, deep web, dark web, darknet, or one of its thousands of data sources.  Thus your credential is able to be used by someone other than you to login to your account.

If you have recently signed up for OverWatch:

After you initially sign-up for OverWatch your credential is run against our in-house data collected over a number of years.  This data comes from known breaches and collection we have indexed to determine if client credentials have been compromised in the past.  Once your credential has been processed through all of our in-house data it is then moved into live collection to look for any new compromises.  You will receive an alert if any compromise is found.

If you have signed up for OverWatch more than 1 week ago:

Once your credential clears our in-house data, it is monitored live to look for new compromises across the internet, deep web, dark web, darknet, and thousands of data sources.  You will receive an alert if any compromise is found.

 

FAQs

What should you do if I get an alert that a credential compromise has been detected?

If OverWatch has alerted you that a compromise of your credential has been detected, the best thing to do is to change your password.  If you credential is an email address you should immediately change your email account password.  Also, many times we use our email address as a User ID for other accounts such as bank accounts, utility company accounts, and consumer accounts (e.g Target, Amazon, Grocery Stores, and other reward programs).  You should also change your password for any account that uses your email address as the User ID.  Most often when OverWatch observes a compromise of your credential, the password is encrypted in some type of a hash encryption code.  Many of these encryptions do not have known decryption keys.  Thus the people that have stolen your credential can decrypt it and use it, but OverWatch does not know if the password is for your email account or another account that you use your email address as the User ID.

What types of passwords should I use?

Many websites and email providers will require you to use a ‘strong password’.  You should use a combination of lower case letters, upper case letters, numbers, and two different special characters if possible.  Many times people tend to use the same password for multiple accounts.  You should avoid doing this as it leads to the ability of a criminal being able to access multiple accounts with one compromised credential.  You should also avoid using similar passwords or passwords that use an identical base word or base number.

How do I remember all of my passwords?

Keeping track of all of your passwords is a challenge give all of the different accounts we acquire in daily life.  Some internet browsers offer password storage so it will automatically populate in at the login screen.  We recommend not using these services but using an encrypted password vault.  Encryptr by SpiderOak is a free password vault that is fully encrypted and can be installed on your computer and on your cell phone.

How was my credential compromised?

Your credentials can be compromised in a number of different ways.  Some compromises occur when you are the victim of a phishing scam.  Phishing scams use emails that look legitimate and direct you to links that end up stealing your credentials or planting malware on your computer that steal your credentials.  Your credentials can also be compromised by data breaches of the email provider or service provider that uses your email address as a User ID.

More Questions?

If you have other questions about an alert or credential compromise contact us at OverWatchSupport@theravengrp.com.