Note: If you have a Hotmail, Gmail, Yahoo or AOL account, it’s advisable to change your password now!
Last week, about 10,000 Hotmail user accounts and passwords were posted on a developer’s forum. The accounts listed were the ones starting with the letters A and B hinting that this is just a snippet from a bigger list of accounts that have been compromised.
To further freak out webmail users, another list containing a cocktail of about 30,000 Gmail, Yahoo, and AOL user’s accounts was leaked later on during the week.
So how did they do it?
Apparently, people are still not able to tell the difference between an authentic website and a phishing website. Most of the compromised accounts on the list were obtained using fake websites that ask for your login and password to authenticate your account. While campaigns educating the user on how to better protect himself or herself from phishing scams have been running nonstop for the past 5 years, they can’t be blamed for falling for such scams.