Hi Luis,
On 22/03/2020 04:59, Luis E. Muñoz via mailop wrote:
I got three in the last 48 hours at different sites. All referenced
real user accounts – no clue about the password. The warning seemed
legit so I passed the info to the potentially affected users, with the
recommendation to change their passwords at any sites where they used
said email accounts.
Thank you - that is *exactly* how I'd hoped this would be used.
I put the partial SHA-1 in so that it could be used with
www.haveibeenpwned.com as they use the same format for good reasons, so
it should work with any compatible tooling and automation.
My reading is that bad actors will find valid email addresses as part
of successful exploits and then feed those into their automated attacks.
They'll get these via database dumps, compromised hosts and phishing.
Kind regards,
Steve.
--
Steve Freegard
Senior Product Owner
Abusix Intelligence
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
