View Single Post
Unread 31st August 2017, 07:33 PM
Kevin's Avatar
Kevin Kevin is offline
Join Date: Jul 2008
Location: Sydney, Oz
Year: MY'03
Model: Forester
Transmission: A/T
Posts: 4,755
Kevin is on a distinguished road
Default 711 million email accounts leaked online

Thanks to an alert from Suparoo:

Including 12.5 million Australian email accounts leaked online

The email addresses of 711 million people have been published online, and include those of 12.5 million Australians.
The personal data has been dumped on a server called Onliner Spambot, which since 2016 has been used to spread malware to steal banking details, and infect people’s computers so they send out viruses and spam (unwanted emails).

The two types of data on the Onliner Spambot server are:

  • Email addresses. These are used to send spam and may contain malicious links. For example, one email sent by the server purported to be from Roads and Maritime in NSW and related to E-tags for paying tolls. Because the email looked as if it came from a legitimate source, unsuspecting users could click on the link and go through to a bogus website to pay.
  • Email addresses and passwords. These are used to send spam from user accounts using their internet provider’s mail servers so they look genuine and bypass anti-junk measures.

It is thought the email addresses with passwords match those leaked in the 2012 LinkedIn data breach, and that two million addresses come from a Facebook phishing campaign. Some email addresses appear to have been scraped from websites and are incorrect.

Find out if your email address has been breached

To find out if your email address has been published in a data breach, go to and follow the prompts.
What you should do now

If you find that your email has been breached, change your password immediately.
Ways to protect yourself

  • Create strong and unique passwords and don’t use the same password for multiple online accounts.
  • Use a password manager.
  • Understand that scams exist and use caution online.
  • Criminals may use information they gather about you from social media in order to make their messages more appealing or appear more authentic.
  • Don’t open messages or click on links if you don’t know the sender.
  • Avoid malicious messages—don’t share your email address online unless you need to.
What to do if your identity is stolen

  • Notify your financial institutions.
  • Change your passwords.
  • Notify the relevant websites.
  • Request a credit report from a reputable credit reference bureau.
MY'03 Foz AT XS with centre lock-up
MY'10 Triton AT GLX-R 2.5 DiD
MY'97 Outback RIP
Reply With Quote