Phishing attack targets Hotmail

Thousands of accounts on web-based e-mail system Hotmail have been compromised in a phishing attack, software giant Microsoft has confirmed.

BBC News has seen a list of more than 10,000 e-mail accounts, predominantly originating from Europe, and passwords which were posted online.

Microsoft said it had launched an investigation.

Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names.

"We are aware that some Windows Live Hotmail customers' credentials were acquired illegally and exposed on a website," said a Microsoft spokesperson.

"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers."

- source: news.bbc.co.uk/2/hi/technology/8291268.stm


Google targeted in e-mail scam


Google's web-based e-mail system, Gmail, has been targeted as part of an "industry-wide phishing scheme".

The firm said that it had immediately safeguarded the affected accounts.

BBC News has seen two lists that detail more than 30,000 names and passwords from e-mail providers, including Yahoo and AOL, which were posted online.

The lists also include details of thousands of Microsoft Hotmail users. Google said fewer than 500 of its accounts had been affected by the scam.

However, the search giant revealed that it had discovered a third list, but would not say how many accounts it showed.

Phishing involves using fake websites to lure people into revealing data such as bank account details or login names.

"We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," said a Google spokesperson.

"As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them."

The firm stressed that the scam was "not a breach of Gmail security" but rather "a scam to get users to give away their personal information to hackers".

Source: news.bbc.co.uk/2/hi/technology/8292928.stm

Stay alert..especially to my non-tech savvy buddies.