Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • IT Management

    Fighting Phishers in Light of Gmail, Yahoo, Hotmail Password Leaks

    By
    BRIAN PRINCE
    -
    October 6, 2009
    Share
    Facebook
    Twitter
    Linkedin

      A day after reports surfaced that 10,000 Microsoft Windows Live Hotmail user credentials had been stolen and posted online, the BBC has reported seeing a list of some 20,000 e-mail accounts and passwords belonging to users of Google Gmail, AOL, Yahoo Mail, Comcast and Earthlink. In both cases, officials laid the blame for the data exposure on phishers.

      “We recently became aware of a phishing scheme through which hackers gained user credentials for Web-based mail accounts including a small number of Gmail accounts,” a Google spokesman said. “As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts if we become aware of them.”

      Similarly, officials at Yahoo confirmed a phishing attack had claimed user credentials and urge the public to review information Yahoo has on e-mail safety. Among other things, the company recommends users be wary of pop-up warnings and avoid clicking on them if they look suspicious.

      “Online scams and phishing attacks are an ongoing and industry-wide issue and Yahoo takes great effort to protect our users’ security,” the spokesperson said. “We urge consumers to take measures to secure their accounts whenever possible, including changing their passwords.”

      In addition, Google reminded users to only provide Gmail log-in information to sites starting with https://www.google.com/acounts and never to click through any warnings their browsers may raise about certificates.

      Paul Wood, MessageLabs Intelligence senior analyst for Symantec Hosted Services, noted that the impact of phishers getting their hands on this kind of information can be widespread, going beyond the accessing of the actual e-mail accounts.

      “Apart from accessing the user’s Webmail accounts, e-mail addresses are commonly used to log into social networking sites,” Wood said. “So with a successful phishing attack, the bad guys not only gain access to an individual’s e-mail account, but also a variety of other sites that may be linked to that account. People should be advised not to share the same password for these sites and should change their passwords at least every 90 days.”

      The attack also had a side effect – it showed that many users are utilizing weak passwords to protect their accounts. According to an analysis by Acunetix, 42 percent of the roughly 10,000 Hotmail passwords were “lower alpha” – meaning they contained only letters. Nineteen percent contained only numbers, and the most common password was 1,2,3,4,5,6.

      “As we can see…a big majority of Internet users still use very poor passwords,” blogged Bogdan Calin of Acunetix.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×