EnterpriseSecurity
SecurityProNews
ITmanagement







Protecting Yourself From Email Phishing Attacks

By Jordan McCollum
Expert Author
Article Date: 2009-10-07

A phishing attack is targeting thousands of web-based email users, according to the BBC and Read Write Web. Tens of thousands of users of each site have already been victimized, with the usernames and passwords available on lists.

The scam to entice the users to offer up their private passwords, phishers imitate legitimate sites and ask for login information. The reports didn't indicate what site the phishers were imitating.

This comes hot on the heels of Gmail dabbling with showing favicons from a few trusted senders. Maybe they should start considering

The first list of 10,000 usernames covered users of Hotmail sites, AOL, Gmail, Yahoo, Earthlink and Comcast email services. But only usernames starting with A and B were included-meaning that there could be hundreds of thousands of other victims.

The lists were originally posted on pastebin.com, a site for sharing snippets of code. The owner of pastebin has removed the lists and plans to put more safeguards against this kind of activity.

Worried your account was affected? A Google spokesperson said:

We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts.

As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.

If you think your account was affected, change the password. If you use the same password on other accounts, change it there, too.

What do you think? Is there more Google et al. can do to prevent phishing? What can we do to safeguard against it?

Comments
About the Author:
Jordan McCollum is a staff writer for the popular marketing blog Marketing Pilgrim. She has worked in search engine optimization with clients including 3M, Little Giant Ladders and ADP. After graduating from Brigham Young University, Jordan joined the SEO copywriting team at the Internet marketing firm 10x Marketing. After 10x closed its doors in December 2006, Jordan became a freelance writer and Internet marketing consultant specializing in SEO. She also has extensive experience with web analytics, conversion rate enhancement and e-mail marketing.

Newsletter Archive | Submit Article | Advertising Information | About Us | Contact

EnterpriseSecurityNews is an iEntry, Inc.® publication © All Rights Reserved Privacy Policy and Legal