Gmail, Hotmail, AOL and Yahoo! users fall victim to phishing scheme
Over 30,000 email addresses have been compromised, with their login info posted online, in the past few days. The BBC has apparently seen the list, and it includes Hotmail, AOL, Yahoo and Gmail users. None of those companies are to blame, though, because the owners of the email addresses got caught in a phishing scam. In case you're not already in the habit of making sure you're not giving your login info to fake websites that are made to look like real ones, this is a good reminder to start.

Gmail is dealing with its share of the stolen accounts by forcing password resets, and a spokesperson at Google said there was no breach in Gmail security. This comes right on the heels of a possibly-related Hotmail-only phishing attack that hit 10,000 accounts earlier this week. To be safe, make sure you use a different password for each service you sign up for (the BBC says 40% of Internet users have the same password for everything), and if you click on a link in your email, make sure you're on a legitimate website before you sign in.
[via Mashable]












Comments
7
RogueJedi86 Oct 6th 2009 3:25PM
If you're worried in Gmail, open your Gmail inbox and go to the very bottom. You should see a "Last account activity: # minutes ago at this IP (your IP number). Details". Click Details to see what IPs have logged on to your Gmail in the last several hours. You can also click a button there to sign out all other instances of your Gmail. That can be useful if you sign them out then immediately change your password. Just a tip for Gmail users, since my Gmail got broken into a few weeks back.
Abdo Oct 6th 2009 3:38PM
Thanks for the great tip, I'm good up until yesterday.
Beth Jones Oct 7th 2009 2:10PM
Bear in mind this probably wasn’t a single phishing attack. From what we
here at Sophos have seen, it was more than likely a multi-vectored
attack, using email phishing, keylogging botnets and rogue social
network applications, given the number of “fake” email addresses, as
well as a list of “kid culture” passwords. See our blog posts:
http://www.sophos.com/blogs/sophoslab/v/post/6719
http://www.sophos.com/blogs/chetw/g/2009/10/06/hotmail-heist-update-release
The rogue applications are definitely worth noting. While people may be
wiser to email phishing attacks, social media sites are much newer so
the trust factor is still high. Remember what the trust factor was like
in the 1990’s with email? I am on several of the social media sites and
I see rogue applications that are collecting email addresses and
passwords at least a couple times a month. The whole “If you liked this
application, send it to your friends” is really a phishing attack - it
asks for your email address and password to “send” to your friends. The
phishers then have your information.
As stated above, we have also seen in the list a lot of kid culture
passwords, which lends credit to the multi-vectored attack. An email
phish wouldn’t work on a small child, but a “send this application to
your friends” would.
Please be careful out there. Treat your passwords as you would your underwear:
- change them often
- don't share them
- and don't leave them lying around for other people to see
Mysterius Oct 8th 2009 1:48AM
So Gmail is forcing all the accounts that have been hacked to reset their passwords? That seems like a good move.
Have Hotmail and Yahoo also implemented similar measures?
Mike Oct 10th 2009 6:30AM
Ha ha,
I love going to those sites and entering in as much trash talk as I can, especially foul language, if you know what I mean and then doing it over and over for several times to send them lots of garbage to deal with.
Then I report the offending site to the real site managers and usually within an hour it is gone.
Lots of fun though. Did the PayPal one the other day. It was really detailed and convincing. I went through all of the screens and gave them as much s*&t as I could.
These people that do phishing emails suck big time.
Mike