Facts have proved that data leakage is the most common way for user credentials to leak online, which is not surprising given its regularity and scale. Yahoo, LinkedIn and MySpace and other sites were black 1.9 billion records were leaked, most of these data are traded in private forums. Hackers gained 12 million vouchers through phishing tools, while keyboard keyloggers received 780,000 vouchers.
12% of the records exposed by data breaches use Gmail addresses, and 7% of users use the same password. The success rate is higher with phishing and keyloggers, and 12% to 25% of the passwords obtained using these attacks are valid. About 230,000 valid names and passwords are phishing weekly, while keyboard recorders receive around 15,000 valid documents a week.