Security researchers discovered a doozy of a spam list this week — over 711 million email addresses on it in total. That means it’s time to check your security again.
A Paris-based researcher called Benkow uncovered the spambot, called “Onliner.” It uses a tiny, pixel-sized images hidden in spam emails to gather details about recipient’s computers. Security expert Troy Hunt says the list contains a “mind-boggling amount of data.”
What makes Onliner particularly unpleasant is the massive amount of SMTP credentials used to circumvent spam filters. The credentials appear to be mostly scraped from other data leaks.
While just having your email address in the data isn’t too worrying — all it means is that you have to be extra careful whose emails you open — there are also a number of compromised accounts on the list. This means that your account could be used to send the spam to more people. Hunt told ZDNet that the number of existing emails in use is slightly smaller than the total number of login credentials on the list, so there is that, I suppose.
To see if you’ve been compromised, head over to Troy Hunt’s HaveIBeenPwned and enter your email address. It’s a good thing to do periodically anyway, just for safety’s sake, but I recommend doing it now just to be sure.
Hunt says users who have strong passwords and two-factor authentication don’t need to worry too much, though.