Troy Hunt, security expert and creator of HaveIBeenPwned, falls victim to phishing scam

Facepalm: Even the best of us can fall for scams. Just look at Troy Hunt, the security expert and creator of the HaveIBeenPwned.com website, who was tricked by a phishing email. The attackers managed to steal his mailing list for his personal blog, compromising roughly 16,000 emails, around half of which belong to people who had unsubscribed from the list. Hunt says he was jet lagged and tired when he read an email that appeared to come from Mailchimp, the service he uses for his mailing list. It claimed that the company had received a spam complaint made against Hunt's personal blog letters, leading to restricted sending privileges. Hunt clicked on the link in the email. It led him to a page where he entered his login credentials, which he notes did not auto-fill from the 1Password password manager extension. He then entered the one-time password and the page hung, at which point he realized he'd been tricked. Hunt then logged onto the official Mailchimp website to change his passw ... Read full article.