You've probably seen reports of big webmail phishing attacks over the week. A spokesperson for Message Labs tells murdok, however, that most reports have glossed over a key point to consider. That is that the potential impact on other aspects of victims' online lives are in jeopardy as well.
"The bad guys have more than just access to users' email accounts," says the spokesperson. "They have access to a host of other online services the victims use."
Paul Wood, MessageLabs Intelligence Senior Analyst says, "A user's unique email address is often used to authenticate a number of web sites, including social networking sites and Instant Messaging on a public Instant Messaging (IM) network. If your email address has been compromised, not only should you change the password there, you should also change it on any other site that uses that email address as a log in ID."
If a cybercriminal had the email account information and wanted to take over a related social networking account, all they would have to do is try the password reminder links from the login pages. Then they could use the victim's email to spam, but they could also gain access to other personal information, not to mention use your account to spam social networks as well.
In other phishing-related news, the FBI has charged nearly 100 people in the United States and Egypt as part of Operation Phish Phry," one of the largest cyber fraud phishing investigations ever. murdok has more details on that
Suggest a Correction
Found an error or have a suggestion? Let us know and we'll review it.
No comments yet. Be the first to comment!