Check if your email has been compromised. Test your passwords. Learn to think like an attacker — so one can never surprise you.
Check if your email has appeared in any known data breach. Powered by HaveIBeenPwned.com
SCANNING BREACH DATABASES...
Your search is anonymous. We never store email addresses.
100% private — your password never leaves your device.
PRIVACY NOTE — This check runs entirely in your browser. No data is transmitted or logged.
Real-world phishing emails test even the sharpest eyes. See if you can tell fake from legitimate across 5 rounds.
The three most dangerous attack categories targeting South African organisations right now.
Attackers impersonate trusted entities via email, SMS, or fake websites to steal credentials and financial data. The #1 attack vector worldwide.
Encrypts all your files and demands payment for the decryption key. Proper backups are the only reliable defence — paying rarely works.
Manipulates people — not machines — into revealing confidential info or granting access. No firewall stops a trusting employee.
Practical, immediately actionable advice. Each one closes a real attack vector. Follow them all.
Create passwords with 16+ characters mixing uppercase, lowercase, numbers, and symbols. Never reuse passwords across different sites or services.
PRO TIP
Use a password manager like Bitwarden, 1Password, or LastPass to generate and securely store complex passwords.
Add a second verification layer to every account you care about. Even if your password is stolen, 2FA stops attackers in their tracks.
PRO TIP
Use an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator) — not SMS. SIM-swapping defeats SMS codes.
Be suspicious of unexpected emails, texts, or calls asking for personal information. Verify the sender before clicking any links or attachments.
PRO TIP
Hover over links to preview the real URL. Legitimate companies never ask for passwords via email — ever.
Updates aren't just new features — they're security patches for vulnerabilities that attackers are actively exploiting right now.
PRO TIP
Enable auto-updates on your OS, browser, and all apps. Most exploits target known vulnerabilities with patches already available.
Avoid sensitive tasks on public WiFi. At home, use WPA3 encryption and change your router's default credentials immediately.
PRO TIP
Use a reputable VPN (Mullvad or ProtonVPN) when on public networks to encrypt all your traffic from eavesdroppers.
Backups are your last line of defence against ransomware. A good backup makes a ransomware attack an inconvenience, not a catastrophe.
PRO TIP
Follow the 3-2-1 rule: 3 copies, on 2 different media types, with 1 stored offsite (or in the cloud).
Regularly audit privacy settings on social media and online accounts. Limit publicly visible info — attackers use it for targeted social engineering.
PRO TIP
Google yourself occasionally to see what information about you is publicly accessible — and then remove or restrict it.
Reputable antivirus catches known malware before it executes. It's not a silver bullet, but it closes off a large category of opportunistic attacks.
PRO TIP
Windows Defender is genuinely good for most users. For Macs, Malwarebytes offers solid supplementary protection.
Check bank and credit card statements regularly for suspicious activity. Set up instant transaction alerts — catch fraud before it compounds.
PRO TIP
Consider placing a credit freeze to prevent identity thieves opening new accounts in your name — it's free and reversible.
Free tools give you awareness. A professional penetration test gives you certainty. Let our experts find what attackers find — before they do.