Growing List of Hotmail Accounts Compromised Via Phishing

pirate Over the weekend, it seems that there was a compromise with Hotmail accounts. Five figures worth of accounts apparently. Now, the first thought would be that someone actually took action against Microsoft and busted through. But in this case, it was apparently ill-gotten from phishing scams. The password list was posted on Pastebin which is a place where developers share snippets of code to get more eyes on it. They have taken down the offending accounts and taken the necessary precautions.

Either way, Microsoft has identified this issue and has apparently locked down the compromised accounts. If you were compromised and are locked out, there is an email form that Microsoft Live has set up for you to reclaim your account. I took a look at it, and it asks for some serious private information.

All of this should teach you (the end user) something. Lesson here is that you don’t click on anything ever in emails or otherwise, when you can go directly to the site itself and look for it. One of the reasons I have always hated HTML emails since it stupefies the entire security aspect and makes it a more difficult problem since you go against human nature. Thus? You’ll never see me prefer text over HTML any day of the week. You can dump links there, but I can read them.