Earlier this week the logins and passwords of 10,000 mostly European hotmail users were posted online. Soon after, reports did the rounds that folks using AOL, Yahoo! Mail, Gmail and services from other providers were also affected and a Gmail spokesperson admitted that the company was also targeted in what the search giant described as an industry-wide phishing scam. Today experts speaking to the BBC say it that the attack is ongoing and may not have been a phishing attack at all.
BBC cites security firm Websense, which says it has noticed a sharp rise in spam e-mails from Yahoo, Gmail and Hotmail accounts, as well as Amichai Shulman from security firm Imperva who says the high numbers of victims suggest that it could have been a key-logging attack.
Why does Shulman think attackers were using key-logging software? Well, despite Microsoft urging all 21 million Hotmail users to change their passwords, some users are still experiencing problems. BBC reader Peter Griffin says that he's still experiencing problems with his compromised Hotmail account even though he's changed the password.
"I checked my account yesterday and found more than 10 e-mails with links [that] were sent from my Hotmail [account] to people from my contacts," Griffin said. After changing his password, he "found an hour later they had sent another six e-mails".
Have you changed your passwords yet?
Thats because it started with hotmail. Then the rest got affected.
Just like that one time with Luke Perry was caught hacking into his bank account.
/cut to flashback
Probably, I just had one of those fake AV's and my mom kept telling me to just pay so that it would go away and stop lagging my computer. I told her i knew it was fake, used MalwareBytes, got it off, and saved my moms credit card. Lol.
But yeah, I can see how people would fall for those, as my mom would have.
Honestly, it's Peter Griffin, I'd be more worried if he wasn't experiencing some sort of problems.