![]() ![]() ![]() Please make sure to take a look at what I would however recommend for thing like account issues not use any links given to you by an e-mail that you did not request. It is a good time to remind everyone to leverage MFA where possible (WG supports it), and to not reuse passwords across multiple websites.Ĭorrect this kind of thing could be a phishing attempt, I would have to look up accounts individually and that could take a long time. No way to know about that on our end, but I doubt it would be a security breach at WG. Example: you'll get a confirmation a mail has been sent if the email exists, or else it will tell you that no such account exists in the system. The most common vulnerability in the process is an information leak: you can sometime determine if the email address is valid by asking for a password reset. You can validate if your email address has been part of a breach earlier using Typically though, the bot is not programmed to trigger a password reset until a vulnerability exist with that process. That being said, it could indeed be the result of a password spray attack: some threat actors is trying email/password combinations leaked from somewhere. Without a valid email sample and the complete email headers, it's hard to investigate the legitimacy of the email but chances are that it originates from WG. I haven't received this email personally.įrom a cybersecurity perspective, is properly configured with DMARC ( Network Tools: DNS,IP,Email () ) so spoofing the email domain wouldn't work unless your email provider doesn't support DMARC validation which as of 2022, is not super frequent anymore. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |