Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Yahoo and Hotmail Users Targeted by Complex E-mail Attacks

Recently, security researchers at the security firm Trend Micro unveiled a new series of targeted phishing attacks on the users of Microsoft Yahoo Mail and Hotmail services.

In the Hotmail attacks, users were targeted through phishing e-mails that took advantage of a flaw in Microsoft's e-mail service to compromise their contacts list and facilitate rogue forwarding settings.

This method, of inserting a rogue e-mail forwarding address, enables cybercrooks to read all of their victims' personal and confidential e-mails and was also utilized in the Gmail spear phishing attacks.

According to a security researcher, users are strongly recommended to regularly check their forwarding settings for any e-mail ids, which they don't identify. If some address is found, it's a positive indication that the account has been hacked and they should instantly modify their passwords, as reported by Softpedia on June 3, 2011.

Unluckily, Yahoo Mail users were also attacked by the campaign that tried to steal users' cookies to gain access to their private e-mail accounts. During the attack, cybercrooks dispatched Yahoo Mail users an e-mail enclosing 2 attachments, one being a malware ridden document and the second one being a faulty cross-site scripting exploit, eventually rendering the attack ineffective.

Commenting on the matter, Nart Villeneuve, Senior Threat Researcher at Trend Micro stated that, the varied series of attacks against e-mail services shows that the crooks are finding novel and progressively complex techniques to gain access to users' e-mail accounts and access their private details, as reported by CRN on June 3, 2011.

He further added that, these events show that besides targeted attacks that direct users towards malware ridden attachments, generally PDF and .DOC files, crooks are trying to exploit flaws in famous web mail services to hack webmail accounts, to view details and to access information to plan future attacks.

Interestingly, Trend Micro's report of attacks on Hotmail and Yahoo comes few days after Google notified regarding a series of attacks on its Gmail service, which attacked the accounts of both government personnel as well as political activist groups.

Villeneuve stated that, although there was resemblance in the attacks, Gmail could not find proof directly associating the Hotmail and Yahoo Mail operations to the Gmail case, as reported by V3 on June 3, 2011.

Related article: Yahoo Gets “Yam”med by a Worm

» SPAMfighter News - 14-06-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next