ESET Detects Fresh Phishing Scam Aiming At Hotmail Users

Security researchers from ESET the anti-virus firm have urged Internet users towards maintaining vigilance regarding an e-mail that appears like a real Hotmail message though concealed within one extremely risky phishing campaign.

State the ESET researchers that they came across one fresh phishing scam distributing an electronic mail apparently from an id having @hotmail.com as its suffix while the caption displayed was "Alert-Reset your Windows Live password."

According to them, the fake message states that it's a notification in addition to Microsoft Account Users that congestion is being experienced because of the unnamed fraud flowing into Windows Live Account; therefore Accounts are being closed and the recipient's account is one of them, which's being deleted.

Thereafter, the e-mail states that it's being sent to the recipient to enable him to validate his account information so that his account can be upgraded and also that it may remain active like before. But for that he must answer the queries asked in the spaces underneath, it suggests.

However, the queries strangely relate to the recipient's date-of-birth, country of origin, username and password. Another strange thing is that these phishing e-mails don't lead users onto a phishing site just as the majority of this kind of attack does.

Additionally, the researchers emphasize that these e-mails appear extremely professional since they've been crafted on the basis of a formal Microsoft correspondence. Nevertheless, there's vital evidence, which signals these kinds of e-mails, as tainted. For, the decision for deactivating the recipient's account itself means that the phishers are aware of his username, one ESET blog writes. Securitynewsdaily.com published this on December 21, 2010.

Meanwhile, because of the phishing campaign's maliciousness, the researchers advise that if any user feels he has been victimized with the scam then he should instantly reset his password. Besides users, generally must reset their passwords after each 90-day interval. Moreover, they must erase the e-mails instantly if they think them to be malicious.

Finally, they must be very careful while viewing e-mails that arrive from any source -familiar or unfamiliar, while ensuring that security software is installed and routinely made up-to-date on their computers.

Related article: ESET Discusses malware Writers’ Trend

» SPAMfighter News - 1/1/2011