Spammers Attack Web-mail Accounts at Gmail, Yahoo! and Hotmail

According to researchers at a web security company 'Websense,' there is a steep rise in spam mails being sent from Gmail, Hotmail and Yahoo accounts.

A few days back a phishing scam spread across the industry, exposing passwords and account information of several thousand web-mail accountholders.

Carl Leonard, Security Specialist at Websense, said in an interview with BBC that cyber criminals, particularly hackers, were infecting e-mail accounts and using them to dispatch targeted or personalized e-mails carrying web-links to shopping sites. However, the links were phony as they tried to steal private data of the recipients, as reported by Telegraph on October 7, 2009.

Moreover, Websense Security Labs e-mailed to CNET UK, stating its conviction that criminals had compromised the web-mail accounts for distributing spam.

Websense explained - spammers were sending their messages from accounts of e-mail users to all the IDs in their address books, thus giving people an impression that a known person or friend was sending them messages. The company had identified a remarkable growth in spam mails originated from Gmail, Hotmail and Yahoo in the recent days.

All three companies - Gmail, Hotmail and Yahoo - have assured that action has been taken to protect hacked user accounts, while the companies held phishing attacks responsible for the leak.

According to Websense, people need to remain wary of such attacks and suggested that e-mail recipients verify from their friends prior to following any given link. They should look for 'https' in the URL addresses to make sure that websites are secured.

Following an incident of several phishing attacks in a row against users of Hotmail and other web-mails, online security specialists stated that user awareness was important. According to them, e-mail security didn't just involve effective firewalls and anti-spam filters, but also users' ability to identify scams and frauds.

They further stated that phishing attacks used techniques of imitating or spoofing genuine organizations to convince and trick users into revealing their personal data like e-mail passwords or bank account details.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 10/27/2009