How do email accounts get compromised?

Phishing: attackers trick users into entering credentials on fake login pages. Most common compromise vector. Credential theft enables account access.

Password attacks: credential stuffing (using breached passwords), password spraying (common passwords against many accounts), and brute force (guessing). Weak or reused passwords enable these attacks.

Other vectors: malware capturing credentials, session hijacking, and OAuth token theft. Multiple paths lead to account compromise; defense must address all vectors.