Have I Been Pwned creator falls victim to a phishing scam

Face it: even the best of us can fall for phishing. Just look at Troy Hunt, security expert and creator of haveibeenpwned.com, who was taken in by a phishing email. The attackers managed to steal the mailing list for his personal blog, exposing nearly 16,000 email addresses, roughly half of which belong to people who had unsubscribed from the list.

Hunt says he was jet-lagged and tired when he read an email that appeared to come from Mailchimp, the service he uses for his mailing list. It claimed that the company had received a spam complaint against the newsletter for Hunt's personal blog, which had led to his sending privileges being restricted.

Hunt clicked the link in the email. It took him to a page where he entered his login credentials, which he retrieved from the 1Password password manager. He then entered his one-time password; the page hung, and at that point he realised he had been phished.

Hunt then logged into the official Mailchimp site to change his password, but it was too late: he had already received an alert that his mailing list had been exported from an IP address in New York, along with a login alert from the same IP. The scam is automated, so these actions happen before victims can change their login details.

Of the roughly 16,000 email addresses stolen by the attacker, 7,535 belonged to people who had unsubscribed from the mailing list. Hunt said he was not sure why Mailchimp was retaining data on unsubscribed users and would investigate whether a configuration problem on his side was responsible.

Hunt's one consolation is that the hack did not affect the Have I Been Pwned website, where you can enter your email address to see whether it appeared in past data breaches, now including the breach of Hunt's Mailchimp list.

Most of us like to think we would never click a link in such an email, and Hunt stressed that he has dodged a "gazillion phishes", but the Australian says he was exhausted from travelling to London when he read this message. He added that the email created a sense of urgency, not so much that it seemed suspicious, but enough to prompt a quick response.

He wrote on his own blog: "Fatigue was a major factor. I was not alert enough, and I did not think properly about what I was doing. The attacker had no way of knowing this (I have no reason to suspect that this was targeted specifically at me), but we all have moments of weakness, and if the timing coincides perfectly with that, well, here we are."

Hunt also pointed out that the attack shows how some two-factor authentication methods are no guarantee that you will not be compromised. He says a one-time password is completely useless against an automated phishing attack that can relay the OTP as soon as it is entered.

Hunt said he had alerted the affected users by email. The domain used to host the fake website has been taken down by Cloudflare.
