Yesterday all 21 million Hotmail users were encouraged to change their passwords when the login details of 10,000 mostly European users were posted online. Today we learn that Microsoft's Hotmail was not the only email provider targeted in the attack.
The BBC today reports that it has received confirmation from Google that Gmail was also targeted in what the search giant described as an "industry-wide phishing scam."
"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," a Google spokesperson told the Beeb. "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."
Google went on to say that the scam was not a breach of Gmail security but "a scam to get users to give away their personal information to hackers."
The news comes following a previous report in which the BBC claimed to have seen a list of 20,000 logins and passwords for Hotmail, Yahoo, AOL, Gmail and other accounts. This number has since crept up to 30,000.
I think I speak for everyone when I say, 'Ugh!' There's nothing more annoying than a phishing scam that forces you to change your passwords for everything 'just in case.'
While you are correct that a DNS hijack could occur, I was simply referring to the context of the article. Regardless of the fact that DNS hijacking is a much less effective way of securing user information than phishing (it's also less prevalent) , but if somehow someone did manage to compromise your system and change your DNS settings you have much larger problems.