Phishing Attack Exposed Thousands of Hotmail Accounts

On October 5, 2009, Microsoft confirmed that a phishing attack had exposed thousands of Hotmail usernames and passwords in the first week of October 2009.

The security breach was reported on a technology blog which claimed that 10,000 accounts had been affected by the attack in Europe only. It was also revealed that especially those accounts, which start with "A" or "B", had their login details posted by an unknown user on a website known as pastebin.com.

Microsoft gave a statement in which it stated that they had come to know that information of several Windows Live Hotmail customers exposed on a third-party website because of a phishing attack.

On learning about the case, they appealed that the information should be removed and started an inquiry to find out the impact on customers, said Microsoft. After the investigation, they found that this was not a security breach of in-house Microsoft data. However, they immediately swung into action and initiated their normal process of working to help customers to recover their accounts.

Security experts state that in a phishing scheme, users are deceived into revealing their personal details, generally usernames and passwords, and sometimes financial details. But in the Hotmail case, users could have used the mail program to interact with banks and other institutions, storing sensitive details in their accounts.

Therefore, Microsoft suggests that users should change their password of Windows Live (which can use Hotmail) in every 3 months. Microsoft also recommends that users who think that they have been hit by the phishing attack should change their passwords at once.

Besides, Graham Cluley, a consultant at online security firm Sophos, advises users to change their passwords on any other sites where the same passwords have been used, as per the news by MY FOX NEPA on October 5, 2009.

Explaining the menace of phishing attacks, Microsoft security experts said - phishing is an industry-wide problem and Microsoft is determined to help customers have a secure, positive and harmless online experience. Security experts added that users should be careful when opening uninvited mails from both familiar and unfamiliar sources. In addition, they should download and frequently update their antivirus solutions to deal with the incessantly rising problem.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 10/21/2009