Pssst, want some “Hotmail”

by Tim Sullivan on October 7, 2009 · 0 comments

Don't get burned by phishing.According to numerous recent reports Hotmail users have had their login credentials stolen.

About 10,000 users had their user credentials swiped in this latest phishing attack and millions more have been warned they could be at risk. Cyber-scammers set up a fake Hotmail login page that users entered their information.

Hotmail not alone
Not only did Hotmail users get cyber-mugged but Gmail, Yahoo! Mail, AOL, Comcast and Earthlink account holders were targeted, too. A spokesman for Google said, ‘We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail account. As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.’

Not a breach, but a scam
Google stressed that the scam was ‘not a breach of Gmail security’ but rather ‘a scam to get users to give away their personal information to hackers’.

Unrest remains among the affected
Account logins had been posted online. They were taken down soon after that discovery. However, users now fear they may have had personal information (credit cards, bank account numbers, etc.) taken from their accounts as a result of their user credentials being publicly posted. Police are advising affected account holders to pay close attention to their credit card and banking accounts for any unauthorized activity.

To help protect yourself from falling prey to phishing scams:

  • Change passwords frequently (every 30 days to 90 days).
  • Use “strong” passwords: include upper case letters, lower case letters, numbers and characters randomly dispersed within the password.
  • Don’t use the same password for your email account as you do for other online accounts. Many online accounts use your email address as the user name.
  • Never click through any warnings your browser may raise about certificates.
  • Be wary of pop-up security warnings.
  • Be wary of mispelled words, poor grammar, blurry graphics on the web site as these items may indicate a phishing site.
  • Implement email security that protects against spam, phishing, malware and other email-borne attacks.

No sign of a cool down for phishing
These phishing attacks will only continue due to the hackers success stealing thousands of email account user credentials. “Hotmail” now conjures up a completely different connotation.

Related posts:

  1. Payroll Firm’s Security Breached
  2. Nigeria Shuts Down 800 Scam Websites
  3. 2 arrested for links to the Zeus Trojan
  4. Happy Birthday! Computer Virus turns 26
  5. Phishing scam hits Penn State email users

Tagged as: , , , , , ,

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Previous post: Small Botnets Cause Big Problems

Next post: Payroll Firm’s Security Breached