In recent months, we have seen a dramatic increase in the number of instances of compromised mailboxes. The bad guys use computer viruses and social engineering to steal users’ sensitive information. The next thing you know they have access to your mailbox and using it to send spam and malicious email. And sometimes they do not stop until they also have your credit card or bank login.
A month ago, a treasure trove of spammer data was discovered, the so-called “Online Spambot” case. A spam list dump containing 711 million (yes, almost one billion) email addresses was discovered by an ethical hacker. Many of these records included passwords. Chances are your email addresses (and possibly passwords) are in that dump and that you are vulnerable.
Please pause from your busy schedule and make sure that your passwords (and that of your colleagues) are secure:
- Check if your email address is in a known list of compromises. This is easy to do at https://haveibeenpwned.com. Note that some compromises are old (e.g. the famous LinkedIn breach in 2012) and probably not relevant anymore. But the recent “Online Spambot” case is fresh and has huge implications.
- Read more about the “Online Spambot” case together with some sounds advice on the blog of Troy Hunt, a leading security researcher.)
- Use strong and unique passwords everywhere.
- Use a password manager. There are many great online services available, but if you prefer a local password manager then we recommend KeePass Password Safe.
- Protect all your devices with anti-virus software. And this includes Mac computers; they have become a popular target.
Please be safe by keeping your passwords safe.