As soon as you start using the app, we’ll monitor the data you enter. If we detect anything suspicious, you’ll immediately receive an alert from the app (e.g., that your Google password or credit card information has been leaked by hackers).
The more information you enter for monitoring, the better we can protect your accounts and identity from being compromised.

• When you receive an alert (via text message or email), log in to the app.
• Read about what has happened and what you should do by opening the alert.
• Follow the instructions and mark the alarm as resolved.

• The best way to lower your risk level is to monitor everything you can in the app, read your alerts, follow the instructions, and mark them as resolved.
  Over time, your risk will decrease, provided you don’t receive any new alerts.

We find more than 25 billion passwords being sold on the Dark Web every year, and every month, one in five users on [NameOfService] receives one or more alerts that help them avoid identity theft. Simply by monitoring your email addresses and phone numbers, you can take a major step toward preventing identity theft and hacked accounts.

• Encryption. We encrypt user data both in transit (when it is sent over the internet) and at rest (when it is stored on servers or devices). This means that only you can view it.
• Verifications. All data included in a leak can only be viewed by the person who owns a verified email address or phone number linked to the leak.
• Audits. We conduct regular audits and tests of systems and networks to identify and address vulnerabilities before they can be exploited.
• Compliance. We adhere to regulations such as the GDPR and standards such as CIS18.

No. When you receive a security breach alert that includes your password, we actually don’t store that password in the app. Instead, it is retrieved in encrypted form and displayed only to you because you have verified that you are the owner of the password. We do not display the actual password to ensure that it is not shared with others.

The warnings you receive may vary in severity depending on the potential risk:

• Malware (high-risk warning caused by malware)
• High (warning where the risk is considered high, e.g., passwords discovered during a breach)
• Medium (warning where the risk is considered moderately high)
• Low (warning: there is a certain risk you should be aware of)
• Info (information update, not really related to any risk)
• Resolved (warnings you have marked as resolved)

It may seem strange that certain warnings are flagged as high risk even though they seem routine; the reason for this is that they are stronger indicators of fraud. Once these types of warnings are resolved, your risk level will drop accordingly.

If you receive an alert that may seem outdated, it is most likely a notification that we have found your information in a data breach. It is still important for you to receive this information because:

• Late detection: Sometimes data breaches are discovered long after they actually occurred. So this information may be new to you and others.
• Long-term risks: Once compromised, your personal data can remain vulnerable for a long time. Many scammers use data that was stolen long ago.
• Awareness: Understanding your exposure in past breaches helps you assess your current level of risk and take appropriate protective measures.

Remember, it’s crucial to stay informed about all data breaches—both past and present—to protect your digital identity and personal information.

If your email address has been leaked, it means that your email address is now publicly available and can be used by cybercriminals to send you spam or phishing emails. To protect yourself, you should take the following steps:

• Be extra careful when opening emails or clicking on links, especially if you don't know the sender.
• If you receive suspicious or unwanted emails, mark them as spam or block the sender.

If your phone number has been leaked online, it means it is publicly available and can be used by others to contact you. To protect yourself, you should do the following:

• Be careful when answering calls or messages from unknown numbers.
• Use the call-blocking or text-blocking features on your phone to block unwanted calls or texts.

If your password has been compromised, there are several steps you should take to protect yourself:

• Go to the website or service where your password was compromised and change it to a strong, unique password.
• Be sure to change your password everywhere you use it. Never reuse passwords.
• Enable two-factor authentication (2FA). Many websites and services offer 2FA, which adds an extra layer of security to your account by requiring a code sent to your phone or email in addition to your password.
• Consider using a different email address for important accounts.
• Consider using a password manager. A password manager can help you create and store strong, unique passwords for all your accounts.

If your Social Security number has been compromised, there are several steps you should take to protect yourself against identity theft:

• Contact the credit bureaus to place a fraud alert on your credit report. This will alert you if someone tries to open new accounts in your name.
• Report the leak to the police if it is the result of a crime, to ensure that it is investigated and to create a record of the incident.
• Keep an eye on your credit report and watch out for any suspicious activity, such as new accounts opened in your name.
• Contact your bank and credit card company to inform them of the breach and to monitor your accounts for suspicious activity.
• Consider blocking your Social Security number to prevent anyone from opening new accounts in your name.

Creating a strong password is key to protecting your online accounts. Here are some tips to help you stay safer:

• Mix characters: Use a combination of letters (both uppercase and lowercase), numbers, and symbols.
• Avoid common words: Don’t use easily guessed words like “password” or “123456.” Avoid obvious personal information such as your name or date of birth.
• Longer is better: Aim for at least 12 characters. Longer passwords are harder to crack.
• Unique passwords: Always use different passwords for your accounts (if your password has been compromised, criminals will try to use it everywhere they can online).
• Use a phrase: A random phrase or sentence that you can modify depending on the account; it will be long, but easier to remember than a random string of characters.
• Consider using a password manager: These tools can generate and store strong, unique passwords for you.

Remember, a strong password is the key to protecting your data!

Two-factor authentication (2FA) adds an extra layer of security to your accounts. First, you enter your username and password. Then, you’re required to provide a second piece of information. This can be:

• A code sent via text message to their phone.
• A biometric method, such as a fingerprint or facial recognition.
• A token or key from an authentication app.
• 2FA is a simple yet effective way to improve your account security. For the best protection, you should always enable 2FA on your accounts whenever it’s available.

Password managers are apps that help you securely store, manage, and create strong passwords for all your accounts. They’re like a digital vault for your passwords.
Using a password manager helps you maintain strong, unique passwords for all your accounts without having to memorize each one, since the only password you need to remember is the one for your password manager.

Under the GDPR, the data must be deleted within 30 days. It may take up to a few weeks for your information to be removed from all relevant websites.

Once you have requested removal, we will submit a request to the companies from which you wish to be removed. The matter will then be handled by each respective company. Processing times vary by company and may also be affected by their current workload.

Yes, if your information becomes visible again, we'll send you an email so you don't have to keep track of your status yourself.

Information sites collect and publish information about private individuals from public records. This may include: Personal information

Full name, date of birth and age, marital status, information about family members, place of employment, property ownership, income details or taxable income, as well as information about payment defaults or debts (depending on the site).

Contact information

Phone number, current and previous addresses, and sometimes links to social media profiles. The purpose is to make this information easily accessible, but for you as a private individual, it can feel like a violation of privacy—and in the worst case, be exploited by scammers for identity theft, fake profiles, or various forms of social engineering.

The GDPR is the EU’s data protection regulation that governs how companies may collect, store, and use personal data, and grants individuals rights such as the right to request the correction or deletion of their data.The Freedom of Expression Act (YGL), on the other hand, is a Swedish constitutional law that protects the publication of information in media and databases with a publication certificate. When a website is covered by the YGL, that constitutional law takes precedence over the GDPR, which means that such services can in many cases publish personal data from public registers and are not required to delete the data even if a request is made under the GDPR.

Scammers use several common methods to obtain your personal information:

• Data breaches: Exploiting security vulnerabilities to gain access to large databases containing personal information.
• Phishing: Sending emails or text messages that appear to come from legitimate sources in order to trick you into revealing personal information.
• Public Wi-Fi networks: Intercepts information transmitted over unsecured public Wi-Fi networks.
• Skimming: Installing devices on ATMs or card readers to capture information from credit or debit cards.
• Physical theft: Stealing wallets, bags, or mail to obtain personal information.
• Social engineering: Manipulating people to disclose confidential information.
• Malware and Spyware: Uses malicious software to track and steal data from your devices.
• Social media snooping: Collecting personal information from social media profiles.

Protecting your information means being careful about how you share and store data, and, of course, keeping an eye on everything you can within the app.

Phishing is a type of online scam in which fraudsters pretend to be a trusted source, such as a bank or a well-known company, to trick you into giving them sensitive information. They often do this through fake emails or websites that look genuine.
That’s why it’s important to be cautious and verify that emails and websites are legitimate before sharing any personal information.

• What to look out for

  • Sender: Check whether the sender's email address matches the legitimate company's domain.
  • Urgent tone and threats: Phishing often uses urgent language or threats (e.g., account closure, fines) to prompt immediate action.
  • Requests for personal information: Be wary of emails asking for passwords, bank details, or other sensitive information.
  • Attachments or links: Do not open attachments or click on links from unknown sources, as they may contain malware.
  • Inconsistent URLs: Hover your mouse over links in the email to see if the URL matches the expected destination.
  • Spelling mistakes: Official communications are usually well-written, so mistakes can be a sign of phishing.

When phishing is carried out via text message, it is usually called “smishing” (a combination of “SMS” and “phishing”).
In these scams, the fraudster typically tries to trick the recipient into revealing personal information or clicking on malicious links, under the guise of a legitimate or urgent text message. This type of scam has become more common as more and more phone numbers end up on the dark web.

• What to look out for

  • Requests for personal information: Be cautious of messages that ask for sensitive information, even if they appear to come from well-known companies or institutions.
  • Sense of urgency: Scammers often create a sense of urgency—such as a problem with your account or a deadline for a response—to get you to act quickly.
  • Suspicious links: Do not click on links in text messages, especially if they are unexpected. Instead, go directly to the official website.
  • From: Companies do not typically send important alerts via text message. If you are unsure, contact the company directly via a verified phone number or email.
  • Spelling mistakes: Smishing messages often contain spelling and grammatical errors.

Vishing, short for “voice phishing,” is a scam in which fraudsters use phone calls to trick you into revealing personal information. They often pose as representatives from banks, government agencies, or other trusted organizations.  With advances in technology, there’s a new twist: scammers are now using AI-generated voices, which means they can sound like someone you know. Always be cautious when receiving unsolicited calls, and never share sensitive information or transfer money. If you’re unsure, hang up and call back a verified number.

• What to look out for

  • Unwanted calls: Be cautious of unexpected calls, especially from unknown numbers.
  • Requests for personal information: Do not share sensitive information such as passwords or bank details over the phone.
  • Urgent tone: Be wary of calls where someone tries to pressure you into making quick decisions.
  • Verify the phone number: If you're unsure, hang up and call back using an official number.

If you think your identity may have been stolen, you should act quickly to limit the damage:

• Contact your bank: Contact your bank and credit card company if you suspect that fraudsters have access to your banking information.
• Report your ID documents lost: If you have lost your driver's license, passport, or ID card, you need to report them lost.
• Freeze your credit: Contact your credit bureaus and ask them to freeze your credit so that no one can take out loans or make purchases on credit in your name.
• File a police report: If you suspect that someone has attempted to commit fraud, you should always contact the police.

You should set up a fraud alert in situations where there is an increased risk or suspicion that your Social Security number or other personal information may have been or has been misused.

• After a theft: If your ID card, driver's license, passport, or other important documents containing personal information have been stolen.
• Suspected identity theft: If you suspect that someone else is using your personal information to commit fraud, such as opening accounts or taking out loans in your name.
• After a phishing attack: If you have disclosed personal information in response to a phishing attack via email, phone, or online.
• Unauthorized transactions: If you notice unauthorized transactions on your bank or credit card accounts that suggest someone has access to your information.

The dark web (e.g., darknet, deep web) is a part of the internet that is not indexed by traditional search engines (e.g., Google) and is therefore not easily accessible to most people. It can only be accessed using specialized software, such as the TOR network, which allows users to browse anonymously. Anonymity and encryption on the dark web lead to its association with illegal activities, such as the sale of drugs, weapons, and stolen personal information. This anonymity makes it difficult for law enforcement agencies to track illegal acts or identify those involved.

Despite its association with illegal activities, the dark web can also be used for good causes. Journalists, activists, and others in vulnerable positions can use it safely to share information in totalitarian regimes. It is important to note that accessing the dark web carries certain risks, as it is unregulated and there is a high potential for fraudulent or harmful activity.

Hackers can obtain your personal information through a variety of methods, such as phishing attacks, malware attacks, and data breaches. Once they have your information, they can sell it on the dark web, a part of the internet that isn’t indexed by traditional search engines and can only be accessed using specialized software. On the dark web, there are various marketplaces where hackers can sell your personal data, such as your name, address, Social Security number, and credit card information. These marketplaces are often used by other criminals to commit identity theft or fraud.
Hackers can also use your personal data for their own gain. For example, they can use your credit card information to make purchases or use your social media accounts to spread spam or malicious links. It’s important to protect your personal information by using strong passwords, being careful about sharing personal information online, and regularly checking your credit report for unauthorized activity. It’s also a good idea to use a secure and encrypted messaging app and to continue monitoring here at Miltech.se

A data breach occurs when confidential, sensitive, or protected information is taken or leaked without authorization. Breaches often involve personal data such as names, addresses, Social Security numbers, and financial information. Data breaches can occur in several ways:

• Cyberattacks: Hackers can use techniques such as phishing or exploit security vulnerabilities to gain access to data.
• Malware: Malicious software can steal data from compromised systems.
• Human error: Mistakes such as mishandling sensitive information can lead to unintentional breaches.

• How to protect yourself

  • Use antivirus software and keep it up to date.
  • Be careful about what you download and which websites you visit.
  • Avoid clicking on suspicious links or email attachments.
  • Keep your operating system and software up to date (this is one of the simplest things you can do that really makes a difference).