Slashdot Mirror


Massive Phishing Campaign Hits Multiple Email Services

nandemoari writes "It seems as if the massive phishing campaign reported yesterday was not specific to Hotmail, as was initially believed. According to a report by the BBC, many Gmail and Yahoo Mail accounts have also been compromised. Earthlink, Comcast, and AOL were also affected. While the source of the latest attacks has not been determined, many are pointing to the same bug that claimed at least 10,000 passwords from Microsoft Windows Live Hotmail. Microsoft has done their part in blocking all known hijacked Hotmail accounts and created tools to help users who had lost control of their email. An analysis of the data from Hotmail showed the most common password among the compromised accounts to be '12345.' On their end, Google responded to the attacks by forcing password resets on the affected accounts."

5 of 183 comments

  1. Wow! by Anonymous Coward · Score: 5, Funny

    An analysis of the data from Hotmail showed the most common password among the compromised accounts to be '12345.'

    That's amazing. I've got the same combination on my luggage.

  2. Where are the details? by Kadin2048 · Score: 5, Insightful

    All of the stories seem to be very short on details. How did the scheme work? How were they getting users to their site instead of Hotmail? Was it something stupid, like a spam email with a link? Or was it DNS forgery or something more subtle?

    Everyone is reporting that it was a particularly big haul for a phishing campaign, but nobody seems to be reporting what the deal was, or why this was more successful than your typical, run-of-the-mill phishing attack.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."

    1. Re:Where are the details? by CrossChris · Score: 5, Informative

      How did the scheme work? How were they getting users to their site instead of Hotmail? Was it something stupid, like a spam email with a link?

      It's trivially easy - remember, the affected fools were Windows "users". There was a huge spam campaign that sent mails that appeared, to a casual glance, to come from Hotmail. The mails asked users to log in to "Hotmail" using a convenient link in the email, because their account would soon "time out" if it was not used. When they logged in to the spurious website, they were thanked for their prompt action, and then advised to log out and restart their browser "for security", and then to log in to Hotmail again (which, of course, would work normally).

      There's one born every minute.....
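As an added, defender-side illustration of the lure CrossChris describes (example code, not part of the original thread): a small heuristic that flags a message whose display name or subject claims to be Hotmail while the sender domain or the login link points elsewhere, combined with account-expiry urgency. The trusted domain list and both sample messages are constructed for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: domains the real service mails from.
HOTMAIL_DOMAINS = {"hotmail.com", "live.com", "msn.com"}
URGENCY = re.compile(r"\b(time out|expire|suspend|deactivat)", re.IGNORECASE)
URL_RE = re.compile(r'https?://[^\s"\'<>]+')

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in HOTMAIL_DOMAINS)

def phishing_indicators(raw):
    """Return the lure indicators found in one plain-text RFC 2822 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    body = msg.get_payload()
    claims_hotmail = "hotmail" in (name + " " + msg.get("Subject", "")).lower()
    sender_domain = addr.rpartition("@")[2].lower()
    found = []
    # Display name says Hotmail, but the envelope address does not.
    if claims_hotmail and not is_trusted(sender_domain):
        found.append("brand-in-name-sender-domain-mismatch")
    # Every link in the body should stay on the claimed brand's domains.
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if claims_hotmail and not is_trusted(host):
            found.append("login-link-off-brand:" + host)
    # "Log in now or your account times out" is the classic pressure line.
    if URGENCY.search(body) and re.search(r"log ?in", body, re.IGNORECASE):
        found.append("login-urgency-lure")
    return found

# Constructed sample: the kind of lure described in the thread.
LURE = """From: Hotmail Support <support@hotmail-account-team.example>
Subject: Your Hotmail account will time out
Content-Type: text/plain

Your account will time out unless you log in within 24 hours:
http://login.hotmail-secure.example/signin
"""

# Constructed sample: a benign notice from the real service.
BENIGN = """From: Hotmail <noreply@hotmail.com>
Subject: New feature
Content-Type: text/plain

We added a new feature. See https://www.hotmail.com/whatsnew for details.
"""
```

Running `phishing_indicators(LURE)` returns three indicators while `phishing_indicators(BENIGN)` returns an empty list; a real mail filter would weigh such signals rather than treat any one as proof.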

  3. Re:Ban them. by ibsteve2u · Score: 5, Funny

    People with "12345" or similar passwords should get their own internet, where they would be allowed to share lolcatz and powerpoint chains, play with their purple internet buddy, and zap those cute webmonkeys on banners without hurting themselves.

    Didn't they used to call that "AOL"?

    --
    Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"

  4. 31415 by bzzfzz · Score: 5, Funny

    News Flash: 10,000 Slashdot accounts compromised in phishing scam. Most common passwords were 31415 and 0xdecafbad.

    Affected users have been placed on an isolated network where they can't do anything but post whinges about Microsoft and Apple to a web server that runs SSL using a self-signed certificate and actually follows the RFCs.