Hacked Web mail accounts used to send spam

There has been a marked increase in the amount of spam e-mails being sent from Yahoo, Gmail, and Hotmail accounts, according to analysts at Websense Security Labs.

Websense said on Thursday that personalized spam e-mails had been sent from the compromised accounts to all of each user's contacts. The e-mails contain links to fake shopping sites, intended to capture sensitive information from the reader.

Earlier this week, Microsoft acknowledged that 30,000 Hotmail accounts had breached, and suggested the passwords for the accounts had been obtained in a phishing scam.

However, some security experts believe that the password breach cannot be attributed to phishing. Amichai Shulman, chief technology officer for security firm Imperva, told ZDNet UK on Friday that the information was likely to have been obtained through key logging.

"The quantity of people hit makes me think that it was key logging--the success rate for phishing is only about one in 1,000," said Shulman. "Secondly, when I went through the list of email account credentials...

Read more of "Hacked Web mail accounts used to send spam" on ZDNet UK.

[redmarine]

This could probably explain why I got so much spam comments in my YouTube videos.

[janikajala]

It could be also that the accounts were created originally just for sending spam. Lots of people are selling and buying accounts in big quantities.

[gerbercon]

After reading this article I'm going to click on the ad that offers to scan my PC...not.

[as-df]

My apologies if this has already been addressed, but I haven?t seen the answer.

How do I tell if a specific account was on the list? Overall, this situation calls for a general reminder to all our people about appropriate security. However, if one (or more) of us was hacked I need to approach that / those individuals somewhat differently.