The Phishing Scam That Affected Users of Hotmail, Gmail and Yahoo! Is Spreading

Security firm Websense says it has noticed a sharp rise in spam e-mails from Yahoo, Gmail and Hotmail accounts.

This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes.

Security expert Carl Leonard warned people to be on their guard.

He advised people to check with friends that they had indeed sent the recommendation before visiting any new shopping sites.

He also advised people to check web addresses: they should begin with https, with the 's' standing for secure.

The news reflects e-mails the BBC has received from victims.

Peter Griffin found his Hotmail account had been compromised on Tuesday. He is currently unemployed and is worried that he has been sending spam to prospective employers.

"I checked my account yesterday and found more than 10 e-mails with links [that] were sent from my Hotmail [account] to people from my contacts," he told the BBC.

Despite changing his password, he "found an hour later they had sent another six e-mails".


One security expert thinks victims of the scam could have been part of a so-called key-logging attack.

Amichai Shulman from security firm Imperva said the high numbers of victims suggested this type of attack.

Unlike a traditional phishing scam, which lures people into revealing their details on fake websites, key-logging records individual keystrokes.

In some cases the malware could have been downloaded automatically.

The scam was highlighted when several lists, detailing more than 30,000 names and passwords from Hotmail, Google and Yahoo web mail accounts, were posted online.

BBC News has seen two lists that detail more than 30,000 names and passwords from e-mail providers, including Yahoo and AOL, which were posted online.

Google is aware of a third list, although it is not clear how many names are on it.

The size of the scam has led Mr Shulman to question whether it is a traditional phishing attack.

Lists 'common'

"The vast majority of people do not fall prey to phishing attacks and the success rates are around one per 1,000. The fact that even one of these lists contained 10,000 names suggests to me that it was a key-logging scam," he said.

Key-logging malware can be downloaded from infected websites, of which Mr Shulman estimates there are millions in existence.

Once on a machine it can record every keystroke, including passwords or bank details.

The malware that installs a key-logger can be downloaded automatically although often it requires users to click a box, with common fakes promising system-enhancing or anti-virus software.

The lists, which were posted online at Pastebin, a website where developers share code, are not unusual, according to Mr Shulman.

"That's the nature of the world we live in and sometimes we get a glimpse inside it. These lists are constantly traded online," he said.

"The fact that the lists became public is probably negligence on the part of the hackers," he added.

According to a report published by MarkMonitor last week, phishing is at a two-year high.

It found that phishers were targeting payment websites and social networkers as well as traditional banking websites.

Experts are advising anyone who thinks they might have been affected by the scam to update their anti-virus software and to immediately change their passwords.

The scam has reopened the debate about how people manage the numerous passwords they have for various web accounts.

It has led one security expert to offer some unusual advice.

"People should write down their web based passwords. That's one way of making sure that you can remember a 'strong' password," said Sean Sullivan, security advisor at F-Secure.

"This tends to go against the conventional wisdom but it just makes more sense. People use weak passwords because they cannot remember the strong ones."


Copyright © Jewish Internet Defense Force
All Rights Reserved
