Results 1 to 2 of 2

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

  1. #1
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    99,040

    Password Scam: Google, Yahoo, Comcast, Earthlink, Hotmail

    Password Scam Widens To Google, Yahoo
    Tuesday, October 06, 2009

    The scale of the phishing attack on Hotmail could stretch further than first thought, with accounts on Google and Yahoo now threatened.

    Microsoft confirmed on Monday that the popular email site had been the target of a scam which tricked users into revealing their passwords. This led to around 10,000 passwords being posted online.

    The computer company said their servers were not responsible for the security breach and that individuals had been conned into handing over their details. But it has been reported that more lists have also been circulated with genuine account information relating to email on Google, Yahoo, Comcast and Earthlink, as well as other third-party web mail services.

    Neil O'Neil, an ethical hacker and digital forensics investigator at secure payments specialist The Logic Group, said up to a million passwords could have been accessed.

    "Making the breach public so soon after the attack occurred has allowed unethical hackers to access the passwords very easily, even though they were deleted a couple of days ago at the request of Microsoft," he explained.

    "People tend to have the same password across many accounts — so there is a good chance that individuals have also compromised the integrity of their ebay or paypal accounts too.

    "The list went through A and B, so you would think whoever released these has more. And if you do the maths, they could have more than a million passwords."

    Hackers and cybercriminals attempt to trick people into handing over personal details, including email addresses and passwords. Internet users may be directed to false websites, set up to mirror legitimate websites, that feed information back to the criminals.

    News of the scam broke when technology blog neowin.net reported an anonymous user had published confidential details on pastebin.com. Internet users are urged to change their passwords regularly and ensure anti-virus software is up to date to protect themselves from fraudsters.

    Related StoriesMicrosoft Confirms Hotmail Passwords Exposed
    A Microsoft spokesman said: "We are aware that some Windows Live Hotmail customers' credentials were acquired illegally by a phishing scheme and exposed on a website."

    They added that they requested the details be removed from the internet and they launched an immediate investigation. The company are also taking measures to block the accounts which were hit.

    A spokesman for Google said they were aware that some gmail accounts had been part of the phishing scam and said — while their servers were not responsible — they had taken steps to ensure security.

    And a spokesman for Yahoo said they take great effort to protect their users' security and that they urge consumers to take measures to secure their accounts whenever possible, including changing their passwords.

    http://www.foxnews.com/story/0,2933,561240,00.html
    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

  2. #2
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    99,040

    20,000 Hotmail passwords exposed

    20,000 Hotmail passwords exposed

    Some 20,000 Hotmail account holders' usernames and password have now been exposed on the Internet. Earlier today, the number was 10,000 Hotmail logins, all beginning with the letter "a" or "b."

    Microsoft has released a statement saying it's not the company's fault. The Hotmail logins were stolen via a phishing attack, says Microsoft. "We determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts."

    Sophos security analyst Chester Wisniewski has raised the specter that whoever stole the accounts may very well be running through the whole alphabet. He says the big question is, "How many people fell victim to this attack, and is it still underway? I may not be able to answer these questions, but with over 10,000 accounts exposed from the first two letters of the alphabet the scope of this fraud could be very large."

    Sophos virus researcher Beth Jones says that these particular logins are extremely valuable "virgin accounts" with a higher chance of not yet being blocked by spam filters.

    It would not surprise Jones if the bad guys use the stolen Hotmail accounts to spam out viral spam to everyone in each account account holder's address book, perhaps to help extend the nasty Live Messenger email worm that's spreading around.


    "They better their odds of a successful campaign by using these addresses," says Jones.

    Update: The BBC is reporting that Google, Yahoo and AOL email account credentials have been similarly stolen, with at least 30,000 account details surfacing on the Internet. If you're worried that cyber criminals might have your username and password for one of your Web mail accounts, change your account password. Now.

    By Byron Acohido

    Posted at 05:39 PM/ET, October 06, 2009 in Microsoft

    http://blogs.usatoday.com/technologyliv ... posed.html
    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •