Mastodawn

Looks like the bad guys are using the email addresses harvested from the #CondéNast / #WIRED #breach. I just received this #phishing email on an #Addyio email address I've never used for anything else. I'll be deactivating the email address, of course.
I like #Addyio, but there's one important feature it's missing: I really wish they would implement an integration with #HaveIBeenPwned.
Ref: https://haveibeenpwned.com/Breach/WIRED
FYI @troyhunt @zackwhittaker @briankrebs
#spam #infosec #privacy

Show thread

Jonathan Kamens 86 47 2d ago

Oh, interesting. There doesn't appear to be any way to change the email address associated with an account on #WIRED's website. 10/10 WIRED, no notes. /s

Show thread

banderkat

@jik I left a message in my subscription cancellation yesterday making it clear it was because I was now getting spam on the email address I could not change (an address I don't use otherwise).

Unfortunately I think a lot of online publications use email as a primary, unalterable identifier. Hopefully they'll learn from Conde Nast and move away from that in future.