Alright, so it’s time to log in to that site you’ve not used in a while.
Username and password? Yep, no problem…
….okay, what about B1ngoWozH1sNamo21?
It’s a familiar tale in this wonderful digital age in which we live – we’re surrounded by a bottomless pool of amazing websites and services, all climbing over one another to improve our lives, however, every one of the darned things requires a registration.
If you read my post on ‘spear phishing’ you’ll be aware that the hijacking of email accounts is on the rise. These attacks generally revolve around the attacker already knowing the login details for the account somehow.
When I speak to customers they often wonder how the attacker knew their seemingly complex password. Did they simply guess it?
The simple answer is no, in my opinion, that’s very unlikely.
It’s much more likely that the email address and password were used on another site/ service which has led to them being compromised or ‘pwned’.