This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Possible scam involving email address

more options

I was notified by a 3rd party monitoring service of a potential scam involving my email address, DOB, tel #, etc. To the best of my knowledge my password was not compromised. I contacted the potential site from the alerts which was GTL.Net and after contacting customer support I was told they had nothing to do with GTL. This company appears legitimate but I have had no dealings with them and have no idea whether I am being scammed or not. But they were possibly accessing information which they did not need. Help, I am stuck as to what alternatives are available.

Picture of 1 of 4 notifications (all 4 were the same):

Compromised Email Address & Compromised Phone

Monitored Element Email Addresses: [confidential info]@Gmail.com Monitored Element Phone Numbers: [confidential info] Date Found: 11/10/2020

We monitor online activity to identify the potential illegal trading and selling of your personal information. Unfortunately, we found a match which indicates the information within the red box above is available online. If your password was also compromised, that will be noted in the "Additional Info" section below. Please note, this is the password associated with the site where your email address was procured.

If the “potential site” information is populated, we obtained credible evidence that this is the possible site from which your email address and password, if applicable, were found and we recommend you change your password for this site.

If the "potential site" is not named, you should consider what sites you have associated with the “Monitored Element Email Addresses” and consider changing your password on those sites..

For example, if you set up an account with madeupwebsite.com (fictitious site for this example), you provided your email address to this site and established a password for this site; that password should be changed. See additional comments under “Here's what to do:”, below. We monitor online activity to identify the potential illegal trading and selling of your personal information. Unfortunately, we found a match which indicates the information within the red box above is available online. Below you will find additional information on next steps to take to ensure your personal information is secure.

Additional Info

The following data was found compromised with your email address. First Name Thomas Last Name Garner Email [email]@gmail.com Address 1 [confidential info] City [confidential info] Zip [confidential info] Country us Phone Number [confidential info] Potential Site gtl.net Creation Date 11/10/2020 D.O.B. D.O.B. Found Match IDEMAILADDR,IDHOMEPHONE

Here's what to do: Immediately change the password for the website if identified above. Consider changing passwords for websites or online accounts which may be associated with this email address. If the password is not identified above, that does not necessarily indicate your password is safe. Passwords might not be visible to our monitoring due to encryption or otherwise, yet they could be procured and encryption cracked by parties obtaining information from the dark web. Utilize smart password habits. Re-using passwords across multiple sources may increase your vulnerability to identity thieves. Create unique and strong passwords for your accounts using a mix of special characters, numbers and upper and lower case letters known only to you.

Here's what to do: Ensure the accounts that contain your phone number are secure. Many times, your phone number is used to authenticate your name and account information for websites like Gmail and Facebook.

CyberScan 11/17/2020 X CyberScan 11/17/2020 X CyberScan

edited for formatting and removing personal info -Andrew

I was notified by a 3rd party monitoring service of a potential scam involving my email address, DOB, tel #, etc. To the best of my knowledge my password was not compromised. I contacted the potential site from the alerts which was GTL.Net and after contacting customer support I was told they had nothing to do with GTL. This company appears legitimate but I have had no dealings with them and have no idea whether I am being scammed or not. But they were possibly accessing information which they did not need. Help, I am stuck as to what alternatives are available. Picture of 1 of 4 notifications (all 4 were the same): Compromised Email Address & Compromised Phone Monitored Element Email Addresses: [confidential info]@Gmail.com Monitored Element Phone Numbers: [confidential info] Date Found: 11/10/2020 We monitor online activity to identify the potential illegal trading and selling of your personal information. Unfortunately, we found a match which indicates the information within the red box above is available online. If your password was also compromised, that will be noted in the "Additional Info" section below. Please note, this is the password associated with the site where your email address was procured. If the “potential site” information is populated, we obtained credible evidence that this is the possible site from which your email address and password, if applicable, were found and we recommend you change your password for this site. If the "potential site" is not named, you should consider what sites you have associated with the “Monitored Element Email Addresses” and consider changing your password on those sites.. For example, if you set up an account with madeupwebsite.com (fictitious site for this example), you provided your email address to this site and established a password for this site; that password should be changed. See additional comments under “Here's what to do:”, below. We monitor online activity to identify the potential illegal trading and selling of your personal information. Unfortunately, we found a match which indicates the information within the red box above is available online. Below you will find additional information on next steps to take to ensure your personal information is secure. Additional Info The following data was found compromised with your email address. First Name Thomas Last Name Garner Email [email]@gmail.com Address 1 [confidential info] City [confidential info] Zip [confidential info] Country us Phone Number [confidential info] Potential Site gtl.net Creation Date 11/10/2020 D.O.B. D.O.B. Found Match IDEMAILADDR,IDHOMEPHONE Here's what to do: Immediately change the password for the website if identified above. Consider changing passwords for websites or online accounts which may be associated with this email address. If the password is not identified above, that does not necessarily indicate your password is safe. Passwords might not be visible to our monitoring due to encryption or otherwise, yet they could be procured and encryption cracked by parties obtaining information from the dark web. Utilize smart password habits. Re-using passwords across multiple sources may increase your vulnerability to identity thieves. Create unique and strong passwords for your accounts using a mix of special characters, numbers and upper and lower case letters known only to you. Here's what to do: Ensure the accounts that contain your phone number are secure. Many times, your phone number is used to authenticate your name and account information for websites like Gmail and Facebook. CyberScan 11/17/2020 X CyberScan 11/17/2020 X CyberScan ''edited for formatting and removing personal info -Andrew''

Modified by Andrew

Chosen solution

Hi tbgarn, information found for sale online could be anything from a basic email mailing list to an advertising profile all the way up to a company's highly sensitive internal databases containing account data and passwords. This seems to be somewhere in the middle.

It sounds as though you've hit a dead end figuring out the full details and original source of this breach. While there is no indication that this breach disclosed any account passwords, apparently it included a date of birth, which sometimes is used by companies to verify your identity. That's bad, but unfortunately not uncommon, and I can't think of anything you can do about it.

You could check with CyberScan about any further follow-up needed.

Read this answer in context 👍 1

All Replies (2)

more options

Never respond to such messages as they are mostly scams. Sometimes, such messages look like they come from a site you make use of. But when you check the 'from,' and/or look at the links in the message, they don't go to the site in question.

more options

Chosen Solution

Hi tbgarn, information found for sale online could be anything from a basic email mailing list to an advertising profile all the way up to a company's highly sensitive internal databases containing account data and passwords. This seems to be somewhere in the middle.

It sounds as though you've hit a dead end figuring out the full details and original source of this breach. While there is no indication that this breach disclosed any account passwords, apparently it included a date of birth, which sometimes is used by companies to verify your identity. That's bad, but unfortunately not uncommon, and I can't think of anything you can do about it.

You could check with CyberScan about any further follow-up needed.