If your email was included in the rash of data dumps over the past year — such as the 5 million gmail addresses dumped last September; your email address could be used in cybercriminal phishing campaigns. Proofpoint states that smart attackers will use this data in two ways:
They may take the email address and password dump to test accounts across the web for password reuse.
The attackers can phish users of Gmail and Google Apps using the fear generated when the password dump was published.
Proofpoint recommends that users should practice good password hygiene, change passwords on a regular basis, avoid password re-use, […]