Gmail users targeted in scam attacks

Staff
Wednesday 07 October 2009 10:23 BST
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Scammers have set their sights on Google's Gmail email service after revelations of widespread attacks on Microsoft's Hotmail yesterday.

Google has confirmed that the popular messaging service is the latest victim, and that it too was a phishing scam - which uses fake websites to trick internet users into revealing personal details.

Over 30,000 users of Hotmail, Yahoo and AOL have been affected, but Google says less than 500 of its Gmail users were victims of the scam.

"As soon as we learned of the attack, we forced password resets on the affected accounts," a Google spokesperson said. "We will continue to force password resets on additional accounts when we become aware of them."

It stressed that it was a phishing scam which tricked users into giving away their own passwords, not an internal systems failure, that led to the problem.

Google had the following advice for Gmail users who fear they've been one of the scammer's victims.

"At the same time we encourage users to be very careful when asked to share their personal information. If you suspect that your account has been compromised, we encourage you to immediately change your password and be confirm your secondary email address is still valid (both are accessible in your Google Account settings). If you can no longer sign into your account, you can regain access by answering security questions here.

News of the first Hotmail attacks - which also targeted users of msn and Windows Live - spread after website Neowin.net reported on a 10,000 strong list of usernames and passwords was found online.

The site said the list which ran alphabetically from usernames A to B was posted on pastebin.com, a site where developers post snippets of programming code.

"Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers' credentials were exposed on a third-party site due to a likely phishing scheme," Microsoft said in a statement after the attack was revealed.

"We determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts," the software giant continued.

"Once the attackers gain user credentials, they can easily access and modify the affected accounts as they desire," said the spokesperson, "this may include changing a user's contact list, altering the inbox, or even deleting the account."

"To keep your Google account secure online, we recommend you only ever enter your Gmail sign-in credentials to web addresses starting with https://www.google.com/accounts and never click-through any warnings your browser may raise about certificates. We also provide the option to run Gmail sessions using https and strongly encourage users to update their secondary email address and SMS recovery option in case their account is compromised

Source: NZ Herald

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in