Tens Of Thousands Of Email Usernames And Passwords Posted Online By Phishers

[Peaches]

If you have not already done so, suggest you change your passwords without delay.

Tens Of Thousands of Email Usernames and Passwords Posted Online By Phishers

Hotmail, Gmail, Yahoo, and other email users' accounts exposed

Oct 06, 2009 | 03:37 PM

By Kelly Jackson Higgins

DarkReading

Lists containing tens of thousands of stolen email account usernames and passwords have shown up online over the past few days in what researchers say likely came out of multiple phishing attacks.

Most of the accounts were from Microsoft's Hotmail, but Google's Gmail, Yahoo, Comcast, and Earthlink accounts also showed up on lists posted on Pastebin.com, a site typically used for developers to share code. Neowin reported yesterday that 10,000 or so Hotmail account details being posted online on October 1, and since then, several other lists were discovered that include email accounts from Gmail and the other providers.

Microsoft and Google both confirmed that some of the account information is legitimate, and that the information was likely stolen via phishing scams, not breaches of their mail systems. Just how those phishing scams were executed is unknown so far.

More details on this topic at DarkReading - http://www.darkreading.com/security/vulner...cleID=220301344

Also read this topic at CNET on how to avoid being a victim of an e-mail phishing scam.

*Change passwords regularly

consider using a password manager like LastPass (free) or RoboForm that can generate and manage strong passwords.

* Click cautiously

* Look for secure sites

* Use a phishing filter and good antimalware software.

* Think critically

http://news.cnet.com/security/

[TheTerrorist_75]

10,000 out of how many millions of email addresses show that there aren't too many idiots in this world opening bogus emails. Some day people will learn.

[Peaches]

Maybe security forums such as this one are finally getting through to many users ... I certainly hope so but then there are users who simply cannot be bothered to take the precautions - I have had one person that I know ask me why she should not send her email address to an email request claiming to be from Bill Gates of Microsoft offering money. I told her to begin with Bill Gates is no longer with Microsoft and secondly she had better believe Microsoft does not give away anything or send emails to that effect. She still doubted me but in the end took my advice and deleted the message.

[hitest]

I think it is somewhat akin to natural selection, that is, the stupid computer users get killed off by phishing and hackers.