A massive phishing scam has resulted in the exposure of tens of thousands of email addresses and passwords. A list containing 10,000 Hotmail, MSN and Live.com addresses and passwords was posted online at Pastebin, a website commonly used by developers to share code. A second list soon appeared, containing 20,000 email addresses and passwords from a number of different service providers, including Hotmail, Yahoo, AOL, Gmail, Comcast and Earthlink. Google later discovered a third list, but did not disclose the number of exposed accounts. Google forced password resets on the affected accounts Gmail, and many other email providers have issued statements encouraging users to use caution when opening links and attachments from unknown sources, of regularly update their Internet security software, and change their passwords often.
An analysis of the first list of 10,000 email addresses and passwords revealed the password most commonly used was "123456," which was used 64 times. 42% of the passwords on the all-lowercase letters list, and 19% contained only numbers. The average length of passwords is eight characters, and nearly 20% were only six characters. Only 6% of passwords used a combination of letters and upper and lower case numbers.
Obviously, Internet users need to be more educated about phishing scams and passwords. A phishing scam involves an e-mail may appear to be from a trusted institution such as a bank or a popular social networking site. The email prompts the recipient to follow a link to a fake version of a familiar site, where if all goes well, the victim will be fooled into revealing data such as bank account information or username and password . Often there are inconsistencies in the mail or website that reveal the scam, but phishing scams are becoming more sophisticated, it is more difficult to recognize the tricks. One way to avoid these scams is to pay particular attention to the email address of the sender and the link URL. Even if a single character is off, it is likely that you are dealing with a phisher. It is safer to type the correct URL in the address bar of your web browser yourself, or use a saved link in your Bookmarks menu, rather than clicking on a link in an email . In addition, you should be alert for other inconsistencies.
Users must also recognize the importance of secure passwords. Your password should contain upper and lower case letters and numbers, and it should not be a word that can be found in a dictionary. You must change your password time to time, and you should not reuse the same password for multiple websites. If a hacker gets your password Facebook, which is the same as your email password, and your e-mail account has an email with the bank details, you have made it quite easy for the hacker to steal your identity.
In addition to using common sense and creating secure passwords, you must be sure to install and update Internet security software and consider investing in theft protection identity, which helps to prevent and detect the result of the worst Internet scams of late.