EEX'S Morning News---EMERGENCY STORY!

[SupaGreenMushroom]

This just in!A massive phising attack has just hit major email sites!This is the story, credit to Enterprise Security Today:

 

 

 

Phishers have moved beyond Hotmail and posted thousands of e-mail details from other sites' date=' including Gmail, Yahoo, AOL Mail, Verizon and others. It's unclear who may be behind the attacks, but security researchers warn that the phishing could be the first step toward a bigger Web attack. The situation is fluid, and the phishing may not be over.

 

 

In a situation that may still be developing, major phishing exploits have hit webmail services over the past few days, including Gmail, Hotmail, Yahoo, AOL Mail, and others. As usual with mass phishing attacks -- which aim to trick people into surrendering personal details about their online identities -- it's unclear what group or groups are behind the initiatives.

The one thing that is certain is the attacks are big.

 

"This is on a scale that is incredibly rare," said Mike Halsey, who runs The Long Climb, a PC support site in the U.K. "I don't think it's ever happened to this extent before, at least that I'm aware of."

 

A Fluid Situation

 

The situation is unfolding rapidly. Halsey said a couple of days ago the site www.neowin.net reported that PasteBin.com had posted personal details of about 20,000 users of Microsoft 's Hotmail, MSN and Windows Live services. Then on Tuesday, details about an additional 20,000 subscribers to Gmail, Yahoo, AOL Mail, Verizon and others were posted at the same site. The posts are now off-line.

 

It's possible the criminals have details on many more users that they haven't disclosed.

 

Details are sketchy, and there is no certainty that the problems are over. Sean-Paul Correll, a threat researcher with Panda Security, said he didn't see any of the data from the attacks. But he noted that phishing attacks are often precursors to other initiatives.

 

"It is fairly common that this would be the first stage of a larger attack. They use these e-mail addresses for something else," he said. Correll added that identifying what group or groups are responsible depends upon seeing more of the infrastructure -- such as the scripts they are using -- than just e-mail addresses. He wasn't sure what information might be available to researchers.

 

A Focus on Browser Security

 

The next move is up to the criminals. Halsey pointed out that browser security is vital and the size of the apparently ongoing phishing attacks should serve as a warning to browser vendors, including Microsoft, Opera, Apple and Mozilla. Luckily, these companies are focusing on improving the security of their products.

 

While Halsey isn't too worried about this week's activities, he is concerned about the long-term impact. "I would say this is probably isolated," he said of the phishing attacks. "The danger is that people pay a lot of attention when something like this is publicized but forget too quickly and do not learn. ... They shouldn't panic, or stop banking on the Internet or shopping on the Internet, as long as they are careful."

 

He added that good advice is available from a number of sources, including the British government, the FBI, and his site.

 

The key, according to Halsey, is to address the problem. "It is worrying from my point of view," he says. "It says people are not aware enough of what the threats are and that Internet service providers and major technology companies are not doing enough to warn people what the dangers are and how to avoid them, which is disappointing." [/quote']

[♥ ЅϯᵲåώӀӞ℮ᴙʀɣ−ɴɨɨ−ƈħåɴ ♥]

It's phishing. As long as you're not a complete idiot as to writing out personal information or falling for their stupid traps, you're fine.

[Necro Pheonix]

What...does emailing george washington your full name, address, bank account number, social security number, and a picture of your ID count as "giving out personal imformation", if so, oops.

 

But, honestly, i agree with Mia. PLus, the nerds working all the email sites should have made it better.

[OMGAKITTY]

lrn2ackbar

[Zimiri of the Muse]

uh-oh warn cyber altair

It's phishing. As long as you're not a complete idiot as to writing out personal information or falling for their stupid traps' date=' you're fine.

[/quote']

anyway i dont think anyone should be dumb enough to fall for that phishing

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

[spoiler=]jk i like meh head on meh body

 

[Silver The Hedgehog]

lrn2ackbar

This.

[Amethyst Phoenix]

[fenrir]

lrn2ackbar

 

Once again, OMGAKITTY speaks us his words of wisdom.

[六兆年と一夜物語]

Damn it, I think their on to me.

 

Wait, did I just say that out loud?