With that information, they can easily 1) get access to the information in your accounts, 2) use your account to pretend to be you and attack more people, 3) use that account or password to get access to your other accounts, and 4) send spam to you or your contacts.
How they try to steal your information can be simple or very sophisticated, which means you need to be extra careful of what you click, or where you enter your email and passwords.
A Qbit staff member recently recieved an email that appeared to be from a Dropbox user. The emails look authentic, and they appear to be from someone the user knows. But the link goes to a fraudulent site that tricks the user into entering their login credentials, then installs malware on their computers, and sends phishing emails to everyone on their contact list.
Always be careful when opening email links, even if it appears to be from someone they know.
Users who have been a victim should change their password. Additionally, customers need to un-link any connection made to your account by the hacker, which does not happen by simply resetting login credentials.
This article originally appeared at Cloudwards