Help
Victims of an industry-wide email scam could have been part of a so-called key-logging attack, according to one security expert.
Amichai Shulman from security firm Imperva said the high numbers of victims suggested this type of attack.
Unlike a traditional phishing scam, which lures people into revealing their details on fake websites, key-logging records individual key strokes.
In some cases the malware could have been downloaded automatically.
The scam was highlighted when several lists, detailing more than 30,000 names and passwords from Hotmail, Google and Yahoo web mail accounts were posted online.
http://news.bbc.co.u...ogy/8294714.stm
Google admits Gmail login details were leaked online
Google has confirmed passwords for online email service Gmail had been harvested by hackers, but downplayed the phishing attack as involving only a "small number" of accounts.
Earlier Tuesday, the BBC reported that both Gmail and Yahoo Mail had been targeted by a large-scale identity theft scam, perhaps the same one that collected between 10,000 and 20,000 passwords from those services as well as from Microsoft's Windows Live Hotmail, Comcast, Earthlink and others.
"We recently became aware of a phishing scheme through which hackers gained user credentials for web-based mail accounts including a small number of Gmail accounts," a Google spokesman confirmed today.
"As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts if we become aware of them."
http://news.techworl...-leaked-online/
http://msmvps.com/ag...?PostID=1730559View the full article
