Web mail scam propagates itself

The BBC reports:

The industry-wide phishing scam that has affected popular web mail services such as Hotmail and GMail, is spreading, according to experts.

Security firm Websense says it has noticed a sharp rise in spam emails from Yahoo, Gmail and Hotmail accounts.

This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes.

[…]

Peter Griffin found his Hotmail account had been compromised on Tuesday. He is currently unemployed and is worried that he has been sending spam to prospective employers.

“I checked my account yesterday and found more than ten e-mails with links [that] were sent from my Hotmail [account] to people from my contacts,” he told the BBC.

Despite changing his password, he “found an hour later they had sent another six e-mails”.

One security expert thinks victims of the scam could have been part of a so-called key-logging attack.

Amichai Shulman from security firm Imperva said the high numbers of victims suggested this type of attack.

Read more on The BBC.

About the author: Dissent