My password manager told me that my info was leaked, including IP address, address, email, personal information, and phone number, in a data breach of eye4fraud.com. However, I don’t use eye4fraud, so it must have been a site that uses their services. I would like to change my login credentials on the site that shared my data with them (and stop using their service since they’re sharing my info with a security company that was breached), but I don’t know which site that was. I found this list of sites that use eye4fraud, but that list has over 1,600 entries. Other than reviewing every single site on the list, is there a way of finding out which site that I use leaked my info?

  • @Nurse_Robot
    27 · 1 year ago

    Probably not.

    The best advice I’ve heard is to use a variation of your email (assuming you use Gmail) on every site you sign up for that indicates that website. This would allow you to immediately know.

    So what is a Gmail Plus address? Say you have an email address like [email protected]. If you append a “plus” sign to your email username, Gmail will ignore anything written between the + and @ sign in the email address and still deliver the message to the same mailbox.

    More info

    • @[email protected]
      8 · 1 year ago

      Scammers are well aware of this trick and can easily strip out everything between the + and the @ on a huge database of email addresses. A better approach is to use Proton Pass or simplelogin, which creates a brand new email address that forwards to your real one. That way you can create a new email address for every site. Both services automatically append the site name and include a few random digits to the new email address. So if you want to make a new alias for your LLBean login, it’d create LLBean.gv4gk7.passmail.net which would forward all emails to your real email address.

      • @Nurse_Robot
        1 · 1 year ago

        Why would a scammer care if you figure out which 3rd party sold you out? I don’t think the risk is worth paying for another subscription.

        • @[email protected]
          3 · 1 year ago

          Because after you set up the filter to remove that plus sign label, your email address is worthless without removing it.

          • @Nurse_Robot
            1 · 1 year ago

            Why would it be worthless? It’s still a valid, deliverable address to a real person (you). The only difference is the receiver knows which company sold their information AFAIK

            • @[email protected]
              2 · 1 year ago

              No it’s not, because the whole point of it is so you can filter them out. Which is exactly what you do when you realize you’re getting email from someone you didn’t give that address to, and at which point it becomes worthless. But stripping out the plusses is trivial and yields an un-filterable address.

    • RQG
      4 · 1 year ago

      Does something similar exist aside from Gmail? Cus you know. Gmail.

    • @[email protected]
      3 · 1 year ago

      This breaks a lot of sites that try to sanitize addresses (don’t ask me why they do it)

      Had it happen a couple of times that I would register and then it wouldn’t recognize my email for the login or the confirmation email would never arrive. Never tried it again after that because it also meant I was unable to use that email for that site as well.

    • Vanon
      1 · 1 year ago

      I do this with passwords, too. For example, generate 15 digits and add 5 digits (like +LMY!) to end. Many of those sites will list which passwords were stolen, easy to see which sites have unforgivably poor security.

      For email addresses, the variation is useful, but it’s probably inevitable that it’s eventually sold, stolen or guessed. Still nice to have the evidence.
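The per-site tagging discussed in the comments above, as an added example that is not code from any commenter or from the services they name. It contrasts a Gmail-style plus tag with a forwarding-style alias and shows which one still identifies the sharing site after the `+` label has been stripped. The mailbox, alias domain, secret and the use of an HMAC tag in place of the random digits mentioned in the thread are all assumptions made for illustration.

```python
import hashlib
import hmac
from typing import Optional

# Constructed demo values; not real accounts, domains or keys.
SECRET = b"constructed-demo-key"
ALIAS_DOMAIN = "alias.example"


def plus_alias(mailbox: str, site: str) -> str:
    """Gmail-style plus address: user+site@domain."""
    local, _, domain = mailbox.rpartition("@")
    return f"{local}+{site}@{domain}"


def strip_plus(address: str) -> str:
    """The normalization described in the thread: drop everything from + to @."""
    local, _, domain = address.rpartition("@")
    return f"{local.split('+', 1)[0]}@{domain}"


def _tag(site: str) -> str:
    # Keyed tag so a guessed alias can be told apart from one that was issued.
    return hmac.new(SECRET, site.lower().encode(), hashlib.sha256).hexdigest()[:6]


def opaque_alias(site: str) -> str:
    """Forwarding-style alias: site name plus tag, with no real mailbox in it."""
    return f"{site.lower()}.{_tag(site)}@{ALIAS_DOMAIN}"


def attribute(leaked: str) -> Optional[str]:
    """Return the site a leaked address was issued to, or None if unknown."""
    local, _, domain = leaked.lower().rpartition("@")
    if "+" in local:
        return local.split("+", 1)[1]
    if domain == ALIAS_DOMAIN and "." in local:
        site, _, tag = local.rpartition(".")
        if hmac.compare_digest(tag, _tag(site)):
            return site
    return None
```

Run over the addresses found in a breach notification, `attribute` names the site for any address that still carries its tag; an address that comes back as the bare mailbox has lost that evidence.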

  • @[email protected]
    16 · edited · 1 year ago

    Check your email addresses at www.haveibeenpwned.com and it will tell you what all was leaked. eye4fraud was likely a fraud credentials hosting site that got hacked and leaked, and yours was in there, and it would have come from a previous leak.

    • @[email protected]
      7 · 1 year ago

      It’s a “fraud prevention company” so some site you bought stuff from passed your data to them.

      • @[email protected]
        6 · 1 year ago

        Oh wow with a name like eye4fraud I never would have guessed they were legitimate and widely used but it looks like you’re right.

  • @[email protected]
    2 · 1 year ago

    seems like it would be easier to work from your pw manager - did it not tell you which cred was compromised?

    • @[email protected]
      2 · 1 year ago

      To me it sounds like his PW manager is just one of those that give fake warnings so you think they’re doing something for you

    • BOMBSOP
      1 · 1 year ago

      They only said it was eye4fraud. When I looked into that site since I’ve never knowingly used them, I found out that they manage security for other sites.