New Phishing Scam Preys on Hotmail Users
A massive number of people using Hotmail, the widely accessed Web-based e-mail facility are apparently the victims of a phishing scam.
According to the details obtained, an aggregate of 24,534 e-mail passwords and IDs were posted on the pastebin.com website. The said site lets visitors to post texts wholly or partially for anyone to access them, while keeping their own identities hidden.
Microsoft, while commenting on the issue, stated that during the 1st weekend of April 2010, it came to know that numerous unwitting customers of Windows Live Hotmail had their account credentials revealed on an intermediate website, possibly through a phishing scam. On knowing about the problem, the company instantly called for removing the credentials and started investigating the event for assessing the impact of the hack on customers, the software giant reported, according to a statement published by Ibtimes.com.au on April 6, 2010.
While the majority of e-mail IDs included in the April 4, 2010 list was of hotmail.com, addresses on other e-mail services like Gmail.com, Yahoo.com and AOL.com were also included. On Monday, April 5, 2010, most users couldn't access their accounts that Microsoft might have blocked for security purpose.
Security researchers also pointed out that the majority of users chose to have an identical username for their accounts on various e-mail services. About 40% of users choose same password to access different websites they visit. Naturally, this enables online crooks to hack into not just those users' Hotmail accounts, but also all the remaining e-mail accounts such as Gmail, Yahoo and AOL.
As a result, security researchers strongly recommend that users must set separate usernames and passwords for separate e-mail accounts so that in case hackers compromise one of them, the others will remain safe. Moreover, users must delete such e-mails so as to mitigate the possibility of being a victim of any phishing scam.
Finally, cyber-criminals targeting Hotmail isn't something new. In late 2009, about 20,000 e-mail usernames and passwords associated with Hotmail, Gmail, AOL, Yahoo as well as other e-mail utilities were similarly exposed, again on pastebin.com. However, the data in the current list has seemingly affected a comparatively large number of accounts.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 15-04-2010