The highly publicized attacks against Gmail are also plaguing Hotmail and Yahoo users, MSNBC’s Technolog reported Friday. While the attackers are not necessarily affiliated, Trend Micro reported “significant similarities” in the separate cases regarding modes of operation and motive.“The objective of the attackers appears to be to gain access to the target’s Webmail accounts in order to monitor his/her communications and, possibly, to stage future attacks,” said Trend Micro senior threat researcher Nart Villeneuve in a blog post. “In the recent case revealed by Google, the attackers used a phishing attack to gain access to the target’s Gmail account then proceeded to add their own email addresses to the ‘forwarding and delegation settings,’ allowing them to send and receive email messages via the compromised accounts.”
Hotmail security was noted to have problems a few weeks ago, and Yahoo Mail has reportedly been the target of a scheme to steal users’ cookies and gain access to their email accounts. Although both the Hotmail and Yahoo schemes either failed or were fixed, the punch line remains that webmail accounts are under fire.
In order to protect accounts from phishing scams, Villeneuve recommends looking out for spelling and grammar errors “that help indicate that it did not originate from the expected source.” Common scams include posing as the operator’s security team or as Facebook notifications.
Microsoft said that it was not aware of any broad phishing attack against Hotmail users, but assured customers that it “take[s] the security and privacy of [their] customers very seriously.”
Gmail hackers are believed to be from China, Google has reported. The Gmail users targeted included government officials, activists and journalists.
source
