Wednesday, October 07, 2009
Phishing attack compromises passwords; all users should consider whether to change theirs today
Ben Parr has an “alert” story in Mashable (The Social Media Guide) “20,000+ Gmail, Yahoo, AOL Accounts Compromised”. Apparently over 20000 passwords from a number of these services were stolen with a phishing scam and then posted. Anyone who has answered a phishing email should consider changing all of his or her passwords promptly, and used strong passwords, and apparently different pw’s for each account. The link is here. The story surfaced on CNN this afternoon (Oct. 7).
A strong password uses both upper and lower case letters, numbers, and special characters, and does not make sense to a random person, and has no obvious connection to the person’s life.
Corporate servers commonly force employees to change pw’s at least once a month, and to use strong pw’s. Users who answered phishing emails at work might jeopardize their employers' security,