Phishing attack spreads to Gmail and Yahoo

The phishing attack that saw thousands of Hotmail users’ account details posted on the internet has spread even further, with Google and Yahoo users now victims of the same campaign.

The attack should serve as a warning to businesses about internet safety standards, including the use of internet usage guidelines, industry experts say.

Just hours after Microsoft wrote on a company blog about the attack, Google and Yahoo wrote statements of their own warning Gmail and Yahoo Mail users to change passwords after the list of Hotmail user account details grew to include other providers.

“We recently became aware of a ‘phishing’ scheme through which hackers gained user credentials for web-based mail accounts including a small number of Gmail accounts,” Google said in a statement.

“As soon as we learnt of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts if we become aware of them.”

“Phishing” refers to an activity where hackers send users an email posing as a reputable company, such as Google or Microsoft, when the actual purpose of the message is to obtain private account details.

The attack over the weekend seems to have been successful for the hackers, with a list of 10,000 account details posted on coding site pastebin.com, with most of the emails based in Europe.

“We are aware that a limited number of Yahoo IDs may have been made public,” Yahoo said in a statement. “Online scams and phishing attacks are an ongoing and industry-wide issue.”

A pastebin.com administrator confirmed in a blog post that the list was posted on the site, but said the site was “created as a tool to aid software development, not to distribute this sort of material”.

“As a result of the interest this story is generating, pastebin.com is experiencing huge levels of activity – as a result I took it offline to ensure all the offending material has been removed, and have adjusted the abuse filters to prevent re-occurrence.”

The three companies said hackers did not breach any databases, but stressed to their users that they should change their passwords frequently and avoid opening emails and attachments from unknown users.

“We encourage users to be very careful when asked to share their personal information,” Google said.

Founder of software-as-a-service provider Smartpath, David Hodges, says the phishing attack should warn businesses about internet safety issues.

“This attack isn’t specifically related to cloud-computing based issues, or online storage, it’s a general internet security issue. Businesses must ensure strange emails are not opened, passwords are being changed regularly and there are good virus protectors on their servers. It comes down to good governance within organisations.”

Paul Wallbank, IT expert and SmartCompany blogger, says businesses must ensure they have secure passwords, even if that means using different pass codes for different programs.

“We shouldn’t assume this attack is just limited to Gmail and Hotmail, it could be happening with a variety of things including servers. So businesses need to be aware that they need strong passwords, and if there is any hint of a hack they need to change all of them. If you have remote access into your small business server, you need strong passwords and you might look at disabling the remote administrator login.”
