I guess this is in response to the WikiLeaks fiasco. (Please refrain from going into a Wikileaks discussion - that can go over to fratching - please leave it to alerts that you've gotten).
I got an email stating that my Amazon.com login and password had been compromised and I needed to change it - it seemed legit because they told me to go to Amazon.com to do all the work (never click on a link in an email to do this!!).
Here's the email:
Now, I got the same from a registrar I rarely use.
I have a feeling it is not stopping here.
If you've gotten similar emails, feel free to post here of who was affected, I'll try to update the list. I think it's also a good time to change your primary email addresses (I did this morning). If you want some tips on how to make your password:
Use letters (lower case and capital) and numbers but not separate. In other words, soccer is a poor password. Soccer0 is a little better. s0ccEr is better (zero instead of an the letter o). Use non-native languages. If you speak English but know some Spanish, throw a little in there. Throw in non-alphanumeric characters like punctuation etc. jueg0s0cC.3r is a very good password. Most "brute force" attacks won't use non-alphanumeric characters. If you really want to make it secure, use your ASCII chart juèg0s0cC3r
Don't use nicknames, pets, significant others, etc.
Amazon.com
Gawker Network (post #1)
Deviantart (Posts #2, #3)
I got an email stating that my Amazon.com login and password had been compromised and I needed to change it - it seemed legit because they told me to go to Amazon.com to do all the work (never click on a link in an email to do this!!).
Here's the email:
Hello (me),
This is an important message from Amazon.com
At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email address and password sets posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on several websites. We believe your email address and password set was on that list. So we have taken the precaution of resetting your Amazon.com password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your Amazon account.
To regain access to your Amazon customer account:
1. Go to Amazon.com and click the "Your Account" link at the top of our website.
2. Click the link that says "Forgot your password?"
3. Follow the instructions to set a new password for your account.
Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites. We look forward to seeing you again soon.
Sincerely,
Amazon.com
Please note: this e-mail was sent from an address that cannot accept incoming e-mail. To contact us about an unrelated issue, please visit the Help section of our website.
This is an important message from Amazon.com
At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email address and password sets posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on several websites. We believe your email address and password set was on that list. So we have taken the precaution of resetting your Amazon.com password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your Amazon account.
To regain access to your Amazon customer account:
1. Go to Amazon.com and click the "Your Account" link at the top of our website.
2. Click the link that says "Forgot your password?"
3. Follow the instructions to set a new password for your account.
Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites. We look forward to seeing you again soon.
Sincerely,
Amazon.com
Please note: this e-mail was sent from an address that cannot accept incoming e-mail. To contact us about an unrelated issue, please visit the Help section of our website.
Dear (me),
As you might have heard, the Gawker network (owned by Gawker Media) was compromised over the weekend. This created a security breach on many popular websites, including Deadspin, Fleshbot, Gawker, Gizmodo, io9, Jalopnik, Jezebel, Kotaku and Lifehacker. Attackers obtained the email addresses and passwords of users who leave comments on these websites.
The attackers then posted this information publicly.
We're contacting you because we discovered that the email address you use at Domains Priced Right was on the list the attackers posted. While Domains Priced Right does not use your email address to log in to your account, we still recommend you follow the security measures below.
For your safety, please review all your online accounts and change your passwords as soon as possible. This includes not only your accounts with us, but also any accounts you have online. Many people use the same password for multiple services on the Internet: email, shopping, finances and social networking. In this situation, attackers could take the information they got from Gawker and try to compromise your other accounts.
For information about how to change your password with us, click here.
You can also find more information about the attack at lifehacker.com.
As always, we take your personal security very seriously. If you have questions regarding this message, please feel free to contact our support center at 480-624-2500.
Domains Priced Right
As you might have heard, the Gawker network (owned by Gawker Media) was compromised over the weekend. This created a security breach on many popular websites, including Deadspin, Fleshbot, Gawker, Gizmodo, io9, Jalopnik, Jezebel, Kotaku and Lifehacker. Attackers obtained the email addresses and passwords of users who leave comments on these websites.
The attackers then posted this information publicly.
We're contacting you because we discovered that the email address you use at Domains Priced Right was on the list the attackers posted. While Domains Priced Right does not use your email address to log in to your account, we still recommend you follow the security measures below.
For your safety, please review all your online accounts and change your passwords as soon as possible. This includes not only your accounts with us, but also any accounts you have online. Many people use the same password for multiple services on the Internet: email, shopping, finances and social networking. In this situation, attackers could take the information they got from Gawker and try to compromise your other accounts.
For information about how to change your password with us, click here.
You can also find more information about the attack at lifehacker.com.
As always, we take your personal security very seriously. If you have questions regarding this message, please feel free to contact our support center at 480-624-2500.
Domains Priced Right
If you've gotten similar emails, feel free to post here of who was affected, I'll try to update the list. I think it's also a good time to change your primary email addresses (I did this morning). If you want some tips on how to make your password:
Use letters (lower case and capital) and numbers but not separate. In other words, soccer is a poor password. Soccer0 is a little better. s0ccEr is better (zero instead of an the letter o). Use non-native languages. If you speak English but know some Spanish, throw a little in there. Throw in non-alphanumeric characters like punctuation etc. jueg0s0cC.3r is a very good password. Most "brute force" attacks won't use non-alphanumeric characters. If you really want to make it secure, use your ASCII chart juèg0s0cC3r
Don't use nicknames, pets, significant others, etc.
Amazon.com
Gawker Network (post #1)
Deviantart (Posts #2, #3)
Comment