Greg, our I.T. guy, shared these with me yesterday, after two more of our staff people were each hacked in their email accounts. I was trying to imagine — how do people most easily make off the keys to someone’s email accounts? Greg filled me on the most common 4 Attack Vectors:

1.  Weak password storage on the server that got hacked.

2.  Re-usage of the same username/password across accounts, typically linked grabbed from one of those servers that got hacked.

3.  Spyware/viruses stealing info

4.  Weak implementation of the “Security Question” model.

I thought each of these represented a different, yet related sphere.