Read more.Google has now confessed that its free Gmail service was also affected by a recent phishing scheme that rendered 10,000 to 20,000 email accounts - including Hotmail, Yahoo and others - exposed.
Read more.Google has now confessed that its free Gmail service was also affected by a recent phishing scheme that rendered 10,000 to 20,000 email accounts - including Hotmail, Yahoo and others - exposed.
I'd love to know more details on this, is it that they simply setup sites that looked like Gmail/Hotmail et al or is more complex at that?
(\___/) (\___/) (\___/) (\___/) (\___/) (\___/) (\___/)
(='.'=) (='.'=) (='.'=) (='.'=) (='.'=) (='.'=) (='.'=)
(")_(") (")_(") (")_(") (")_(") (")_(") (")_(") (")_(")
This is bunny and friends. He is fed up waiting for everyone to help him out, and decided to help himself instead!
It was keyloggers IIRC, think it was on the BBC yesterday or the day before. Clicking on the "scan computer" popups and suchlike
There were multiple scams involved in these phishing attacks. The emails all have the right logo, usually the company's standard disclaimer and all but the target link goes back to the original company. The English is good and the URL contains the company name at the front.
Here is a summary of a few phishing emails.
1) There is a video/picture of you click here.
2) Due to criminal attacks we have improved our security you now need to verify your account.
3) There is suspicious activity on your account login or we will delete your account.
The person clicks on a link that takes them to a very convincing spoof website. They login and the criminals use an automated process to capture that information. Then they access the person's accounts, change their email and passwords, access the contacts and sends out emails from that person's account usually something similar to "there is a video" email. And because those contacts know the person sending them the email they click.
The important thing to note is how sophisticated that the systems are becoming. The phishing, gather data and using that data has become automated. The quality of the spoofing, English etc is very good.
So, it isn't that people are stupid. They could be tired, in a rush, see that their email account is going to be deleted- react before they think or just inexperienced/naive users.
There are currently 1 users browsing this thread. (0 members and 1 guests)