[Cialug] Time to change your passwords.
Josh More
morej at alliancetechnologies.net
Tue Oct 6 18:10:25 CDT 2009
Generally, yes, you are correct. However, bear in mind that these
accounts do more than just email these days. It's not unusual for
Google, Yahoo or MS to legitimately release services and say "just login
with your Hotmail/Google/Yahoo ID". That's not a hard thing to fake.
You can direct people to gooogle.com, g00gle.com, googgle.com, etc and
most wouldn't notice. Sure, you can type everything in every time, but
would the average user know that flickr.com, delicious.com, del.icio.us
and yahoo.com are all legitimate, but weelble.com might not be?

All they need is to trick the user once, and get access. They can then
leverage that access to send email to that user's contacts and direct
them to a malicious site, and the attack just keeps spreading out.

(There is also emerging evidence that a keylogger may also have been
involved.)
-Josh More, RHCE, CISSP, NCLP, GIAC
morej at alliancetechnologies.net
515-245-7701
>>> kristau <kristau at gmail.com> 10/06/09 6:04 PM >>>
On Tue, Oct 6, 2009 at 3:00 PM, Josh More
<morej at alliancetechnologies.net> wrote:
> In case you hadn't heard, it looks like the big phishing attack that we
> thought only hit Hotmail also impacts Yahoo, AOL, and Gmail accounts
> (and likely others).
Isn't a phishing attack defined as an attempt to trick someone into
giving up their password by sending an e-mail with a crafted link? If
so, then always logging in to your gmail, hotmail, yahoo, et al
accounts by first typing the URL in the address bar should protect you
against such an attack.
Or is this a new type of phishing? If so, please share the details ;)
--
Tired programmer
Coding late into the night
The core dump follows
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
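
An added example, not part of the original thread: a sketch of how a mail filter or web proxy could flag the lookalike names mentioned in the message above (gooogle.com, g00gle.com, googgle.com) by comparing them against an allowlist. The allowlist contents, the digit-swap table and the distance threshold are assumptions made for this illustration.

```python
import re

# Assumed allowlist for this example: providers and sites named in the thread.
KNOWN_GOOD = {"google.com", "yahoo.com", "hotmail.com", "flickr.com",
              "delicious.com", "del.icio.us"}
# Digit-for-letter swaps often seen in lookalike names (assumed, not exhaustive).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(domain: str) -> str:
    """Fold digit lookalikes to letters and collapse repeated characters."""
    folded = domain.lower().rstrip(".").translate(HOMOGLYPHS)
    return re.sub(r"(.)\1+", r"\1", folded)


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance using two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain: str) -> str:
    """Return 'legitimate', 'lookalike:<allowlisted name>' or 'unknown'."""
    domain = domain.lower().rstrip(".")
    if domain in KNOWN_GOOD:
        return "legitimate"
    for good in sorted(KNOWN_GOOD):
        # Same skeleton (doubled letters, digit swaps) or a one-character typo.
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) <= 1:
            return f"lookalike:{good}"
    # Not close to anything allowlisted: the check cannot vouch for it either way.
    return "unknown"


if __name__ == "__main__":
    for name in ["gooogle.com", "g00gle.com", "googgle.com",
                 "del.icio.us", "weelble.com"]:
        print(f"{name:15} {classify(name)}")
```

A domain such as weelble.com comes back as "unknown" rather than flagged, which is the gap the message points at: an allowlist catches near-misses of known names but says nothing about unfamiliar ones.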