Click to Play

What Retailers Can Do to Prepare...
Although retailers are currently focused on Q4 and the upcoming holiday season, now is also the time to start preparing for 2010. Meyar Sheik, the CEO of Certona, tells...

Top Security News

SEO And Wordpress Security
In recent weeks wordpress security, or more correctly the lack of wordpress security has been getting a lot of attention. While most people consider this...

Adding Needed Security To SMS And PayPal
I bought my early-bird ticket for Reading Twestival this morning, paying for it via PayPal. The simple purchase transaction I completed in a couple of minutes...

Addressing Security Concerns In Real Time Can...
Karen Mazurkewich suggests that Rapid Response is the key to online success. Unfortunately a factor that weighs against online ecommerce is that Canadians are more wary about online security. Online retail sales...

Huge Security Flaw Within Tag Based Systems
Louis Gray pointed out a new reading system yesterday called Lazyfeed, and overall I am pretty happy with it, but like all tag based reading systems, spammers...

10.07.09

Protecting Yourself From Email Phishing Attacks

By Jordan McCollum

A phishing attack is targeting thousands of web-based email users, according to the BBC and Read Write Web. Tens of thousands of users of each site have already been victimized, with the usernames and passwords available on lists.

The scam to entice the users to offer up their private passwords, phishers imitate legitimate sites and ask for login information. The reports didn't indicate what site the phishers were imitating.

This comes hot on the heels of Gmail dabbling with showing favicons from a few trusted senders. Maybe they should start considering

The first list of 10,000 usernames covered users of Hotmail sites, AOL, Gmail, Yahoo, Earthlink and Comcast email services. But only usernames starting with A and B were included-meaning that there could be hundreds of thousands of other victims.

The lists were originally posted on pastebin.com, a site for sharing snippets of code. The owner of pastebin has removed the lists and plans to put more safeguards against this kind of activity.

Worried your account was affected? A Google spokesperson said:

We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts.

As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.

Download a Free Trial of Ektron CMS400.NET

If you think your account was affected, change the password. If you use the same password on other accounts, change it there, too.

What do you think? Is there more Google et al. can do to prevent phishing? What can we do to safeguard against it?

Comments

About the Author:
Jordan McCollum is a staff writer for the popular marketing blog Marketing Pilgrim. She has worked in search engine optimization with clients including 3M, Little Giant Ladders and ADP. After graduating from Brigham Young University, Jordan joined the SEO copywriting team at the Internet marketing firm 10x Marketing. After 10x closed its doors in December 2006, Jordan became a freelance writer and Internet marketing consultant specializing in SEO. She also has extensive experience with web analytics, conversion rate enhancement and e-mail marketing.
About EnterpriseSecurityNews
Security news and updates for your enterprise		 iEntry





EnterpriseSecurityNews is brought to you by:

SecurityConfig.com NetworkingFiles.com
NetworkNewz.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
LinuxProNews.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com






-- EnterpriseSecurityNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2009 iEntry, Inc. All Rights Reserved Privacy Policy  Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article


Enterprise Security News News Archives About Us Feedback EnterpriseSecurityNews Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact