Hello Guest November 25, 2024, 19:32:15 *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
Pages: [1]   Go Down

Author Topic: Warning to Google Mail Users, Yahoo, Hotmail etc.  (Read 2056 times)

IRI5HJ4CK

  • Forum member
  • Posts: 4256
Warning to Google Mail Users, Yahoo, Hotmail etc.
« on: October 07, 2009, 07:33:12 »

"Google's web-based e-mail system, Gmail, has been targeted as part of an "industry-wide phishing scheme".

The firm said that it had immediately safeguarded the affected accounts.

BBC News has seen two lists that detail more than 30,000 names and passwords from e-mail providers, including Yahoo and AOL, which were posted online.

The lists also include details of thousands of Microsoft Hotmail users. Google said fewer than 500 of its accounts had been affected by the scam.

However, the search giant revealed that it had discovered a third list, but would not say how many accounts it showed.

Phishing involves using fake websites to lure people into revealing data such as bank account details or login names.

"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," said a Google spokesperson.

"As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."

The firm stressed that the scam was "not a breach of Gmail security" but rather "a scam to get users to give away their personal information to hackers".

'Industry problem'

The phishing scam was originally thought to target just Hotmail users.

It was brought to light when 10,000 Hotmail addresses were posted online at Pastebin, a website commonly used by developers to share code.

The list was reported by technology blog Neowin.

However, a second list of 20,000 names has since emerged containing e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers. A third list, which has not been seen by the BBC, was discovered by Google.

Some of the accounts on the list of 20,000 names appear to be old, unused or fake. However, BBC News confirmed that many - including Gmail, Yahoo and Hotmail addresses - were genuine.

Other addresses on the list include Comcast and Earthlink accounts.

It is not clear whether the new lists was part of the same phishing attack that collected the Hotmail addresses or a separate scam.

A spokesperson for Microsoft said phishing was an "industry-wide problem".

"Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software."

Both lists can still be accessed online.

A spokesperson for Yahoo urged consumers to "take measures to secure their accounts whenever possible, including changing their passwords".

Carole Theriault of security firm Sophos agreed.

"Getting access to one password can give someone access to lots of things," she said.

People should change their password on any other site where they use it, she added.

A recent report by the firm said that around 40% of people had the same password for every website they used.

"People need to see a difference between an online bank account and booking cinema tickets online," she told BBC News.

But, she said, blame did not rest with the users of the e-mail services, who likely clicked on a link in a scam message.

"Phishing attacks are very subtle these days," she said. "People do all kinds of tricky things."

Fake websites, which ask for a users login details, can be made to look like those of reputable companies.

"This should be a wake-up call to Google and Microsoft to educate their users," said Ms Theriault."

---------------------
I just thought this may be worth posting on here, Since I myself am a Google Mail user.

Jack :thumbs:
(Sourced from the BBC: http://news.bbc.co.uk/1/hi/technology/8292928.stm)
Logged
Kind Regards,
Jack.

Agent|Austin

  • Forum member
  • Posts: 4818
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #1 on: October 07, 2009, 07:35:16 »

That my friend is why I love having my own website with email on it.
Logged

Captain Darling

  • Forum member
  • Posts: 737
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #2 on: October 07, 2009, 15:23:27 »

Yup me too Austin, However, these hackers only got the credentials if you went onto a fake website which you thought was the real website. Just make sure the web address is correct before entering ANY login credentials...


This happened with some social networking sites like facebook and myspace.


All you can do is make sure you got the right web address.. :-\
Logged
Regards,
James

jim.smith

  • Guest
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #3 on: October 07, 2009, 17:10:43 »

Thanks for the warning Jack.
Logged

IRI5HJ4CK

  • Forum member
  • Posts: 4256
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #4 on: October 07, 2009, 19:40:10 »

Thanks for the warning Jack.

No worries at all. I just thought it would be worth posting. I wouldn't like for anybody to fall for scams! :thumbs:

Jack.
Logged
Kind Regards,
Jack.

J3nsen

  • Forum member
  • Posts: 1751
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #5 on: October 07, 2009, 23:21:18 »

Good i don't have any of those mails...
Logged
http://80.95.161.114/shipsim/forum/index.php/topic,10335.250.html

TJK

  • Guest
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #6 on: October 08, 2009, 00:41:57 »

Good i don't have any of those mails...

No problem's with gmail if you use the window mail, outlook express, outlook or other mail programmes to receive mail to read the mail. it's only the web mail that have this problems
Tore
Logged

Agent|Austin

  • Forum member
  • Posts: 4818
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #7 on: October 08, 2009, 00:44:39 »

No problem's with gmail if you use the window mail, outlook express, outlook or other mail programmes to receive mail to read the mail. it's only the web mail that have this problems
Tore

I thought that they would have got the emails from the google database in which it wouldn't matter how you access your email.
Logged

TJK

  • Guest
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #8 on: October 08, 2009, 00:50:01 »

I thought that they would have got the emails from the google database in which it wouldn't matter how you access your email.
Well i newer had problems with gmail, maybe been lucky then ;D
Logged

Agent|Austin

  • Forum member
  • Posts: 4818
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #9 on: October 08, 2009, 00:55:28 »

Well i newer had problems with gmail, maybe been lucky then ;D

I have never had problems with them either, I used gmail for a while for automatic blog emails and such. (Users could subscribe and get posts sent to their email)



http://austin365.blogspot.com/
Logged

Captain Darling

  • Forum member
  • Posts: 737
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #10 on: October 08, 2009, 10:27:57 »

I thought that they would have got the emails from the google database in which it wouldn't matter how you access your email.
Nope they got the credentials by creating fake gmail, windows live login webpages, which people thought was the real website.

When they try and login, the credentials typed in is then recorded in the hackers database for him/her to use.


As I said, this also happened on some social networking sites like facebook and myspace a few years back.


So as TJK said, you are much better secured if you use a client side program (thunderbird, outlook etc) then web based. However if you do use web based, just make sure the website you're logging into is the correct one, you can do that by checking the web address..
Logged
Regards,
James

Agent|Austin

  • Forum member
  • Posts: 4818
Re: Warning to Google Mail Users, Yahoo, Hotmail etc.
« Reply #11 on: October 08, 2009, 18:34:48 »

Nope they got the credentials by creating fake gmail, windows live login webpages, which people thought was the real website.

When they try and login, the credentials typed in is then recorded in the hackers database for him/her to use.


As I said, this also happened on some social networking sites like facebook and myspace a few years back.


So as TJK said, you are much better secured if you use a client side program (thunderbird, outlook etc) then web based. However if you do use web based, just make sure the website you're logging into is the correct one, you can do that by checking the web address..

Oh, I had a friend make on of those before to get runescape passwords. I used to have a dark side, haha.
Logged
Pages: [1]   Go Up
 
 


SMF 2.0.14 | SMF © 2017, Simple Machines