Email service is a risky communication medium to use since most hackers are currently creating tools to acquire users’ sensitive data online. Previously, it was reported that more than three billion emails and passwords were stolen and leaked online.
This just shows that cybercriminals and other malicious actors are really active during the ongoing pandemic since most people are currently staying at home. Most companies and businesses are also operating online to avoid complete shutdowns.
Going back, the previous massive breach is a new compilation recently posted on an online hacking forum that contains more than 3.2bn unique pairs of cleartext emails and passwords gathered from past leaks. The latest attack is called Compilation of Many Breaches or COMB since it contains more than twice the amount of unique passwords and email pairs than the Breach Compilation, which happened way back in 2017. Breach Compilation was able to acquire 1.4bn credentials, which were soon leaked online.
Just like 2017’s Breach Compilation, the latest email breach contains a script named count_total.sh. However, this latest leak also includes the scripts query.sh for querying emails and sorter.sh for sorting the data it contains.
How serious is COMB’s massive email breach?
COMB is considered the largest compilation of multiple breaches that was ever recorded by security researchers and experts. This new data leak shares many similarities to 2017’s Breach Compilation including the fact that its data is organized in a tree-like structure and that the same scripts are used for querying emails and passwords.
How to avoid getting tracked
Security researchers explained that one of the most effective ways of tracking a messaging service is Pixels, which is really popular with hackers and other online attackers. If your message’s end usually has a small image, which is the same size as a single pixel, then there’s a high chance you are currently being tracked.
However, since it is so tiny, it is users find it difficult to identify. When your email client loads the picture, your email service must retrieve it from the sending server; this server can then log when your email service loaded the image to understand when (and if) you opened the email.
Experts suggest that IP address and other additional information can alert the servers where you were located when you open a message.
First, you need to take a look at the former option and how you can disable your email client from automatically downloading images in the messaging service. You can do this by following these easy steps;
- Log into your Gmail account.
- Click on the gear icon in the upper right corner.
- Select the General tab.
- Scroll down to the Images category and select Ask Before Displaying External Images.
- Scroll down and click Save Changes.
If you are using AOL’s messaging service, you can do it by following these steps;
- Log into your AOL Mail account.
- Select Options, then Mail Settings.
- Choose General.
- Under the Reading category, select Hide Images in Mail from Unknown Senders.
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.