Sounds like the majority of my user-base unfortunately, so for me, this is a warning that has to go out.
-- ME2 On Tue, Oct 6, 2009 at 11:29 AM, James Kerr <[email protected]> wrote: > Yeah exactly, only goons who respond to phishing schemes were affected. > > ----- Original Message ----- > *From:* Carl Houseman <[email protected]> > *To:* NT System Admin Issues <[email protected]> > *Sent:* Tuesday, October 06, 2009 11:22 AM > *Subject:* RE: SANS Diary: Time to change your hotmail/gmail/yahoo > password > > It would seem this only affects accounts of those who've fallen victim to > a phishing scheme. If you haven't entered your Live/Gmail/Hotmail password > on a bogus website, there's no immediate need to change passwords. > > > > *From:* Kim Longenbaugh [mailto:[email protected]] > *Sent:* Tuesday, October 06, 2009 11:00 AM > *To:* NT System Admin Issues > *Subject:* RE: SANS Diary: Time to change your hotmail/gmail/yahoo > password > > > > Yes, I missed it too. Thanks for the post. Gotta run, I’m busy changing > passwords…. > > > ------------------------------ > > *From:* Micheal Espinola Jr [mailto:[email protected]] > *Sent:* Tuesday, October 06, 2009 9:53 AM > *To:* NT System Admin Issues > *Subject:* SANS Diary: Time to change your hotmail/gmail/yahoo password > > > > I missed this yesterday, did you? > > > > http://isc.sans.org/diary.html?storyid=7276: > > > > > > Microsoft has confirmed that thousands of Windows Live accounts have been > compromised with their passwords posted online. Mainstream media such as the > BBC are also carrying the story. Some information is posted > here<http://windowslivewire.spaces.live.com/blog/cns!2F7EB29B42641D59!41528.entry?wa=wsignin1.0&sa=363915619> > . > > UPDATE: Gmail and Yahoo are also affected by the compromise. Change all > passwords on any of these popular webmail sites. > > Some does and don'ts: > > - Do change your passwords on a regular basis (every six months or so) > - Do use long complex pass-phrases rather than passwords where you can > - Do change all of your passwords if you notice something suspicious > - Do take identity theft seriously > - Do use up-to-date anti-virus and a firewall > - Do NOT click on links in emails, ever > - Do NOT use the same password at multiple sites > > > -- > ME2 > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
