Tuesday, October 6, 2009

Email phishing attack spreads to Gmail and Yahoo


Thousands of accounts on web-based e-mail system Hotmail have been compromised in a phishing attack, software giant Microsoft has confirmed.

BBC News has seen a list of more than 10,000 e-mail accounts, predominantly originating from Europe, and passwords which were posted online.

Microsoft said it had launched an investigation.

Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names.

"We are aware that some Windows Live Hotmail customers' credentials were acquired illegally and exposed on a website," said a Microsoft spokesperson.

"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers."

Quick change

Graham Cluley, consultant at security firm Sophos, told BBC News the published list may just be a subset of a longer list of compromised accounts.

"We still don't know the scale of the problem," he told BBC News.

Technology blog neowin.net was the first to publish details of the attack. It said the accounts were posted on 1 October to pastebin.com, a website commonly used by developers to share code.

Although the details have since been removed, BBC News and Neowin has seen a list of 10,028 names beginning with the letters A and B.

BBC News has confirmed that the accounts are genuine and predominantly originate in Europe.

News Email phishing attack spreads to Gmail and Yahoo

Neowin can today reveal that more lists are circulating with genuine account information and that over 20,000 accounts have now been compromised. Non-Hotmail passport accounts have been affected too. A new list contains email accounts for Gmail, Yahoo, Comcast, Earthlink and other third party popular web mail services. It's not clear if this is login information for the service itself or the Microsoft Passport passwords.

#367 Trudon 06 Oct 2009 - 09:47 GET: where can I see the list of emails? I want to know if my accounts are on there

#368 ££££ 06 Oct 2009 - 10:03 GET: Check this website to see if you've been conpromised :

www.moneyforsilly-CBT.org.lol

Just enter your email address and password and we'll check to see if it's on our list, I mean, the list...
Posted by at
Labels: , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

LinkWithin

Related Posts with Thumbnails