BSI Security Check

Current note:

For information about the "Avalanche" botnet takedown from December 2016, please visit:

This service is provided by Germany's Federal Office for Information Security (BSI).

In context of an ongoing investigation led by the prosecutors' office in Verden, German authorities again discovered a major case of identity theft. Motivated by its task to enhance the security in IT-related matters, BSI set up a process in order to inform the general public that is in compliance with data protection and privacy requirements.

With the now discovered set of email addresses and passwords criminals intend to abuse legitimate mail accounts for sending SPAM messages. However, it is to be assumed that the data set not only includes login credentials for email accounts, but also login credentials for a bigger range of services, including social networks, online shops, blogs, etc.

Using this website, you can check whether or not you are affected by the identity theft.

Please enter the email address you intend to check into the form below and click the button „Check“. If the address is affected you will receive a response email that includes guidance on the proposed security measures.

If the email address is unaffected, you will not receive a notice!

After entering your email address you will see a 4-digit code for verification purposes. Please memorise the code or write it down. The email you will receive in case your email address is affected will contain exactly this code in the subject line. If that is the case the email is authentic and was generated by this website.

Watch out: emails that are case-related, but do not include the exact same code are NOT authentic and not sent by the BSI. If you receive such an email you should delete it right away.

The data privacy statement can be found on this website.

Notice: All personal information collected by the tests will be completely deleted as soon as the test is completed.