This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.
You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/8292928.stm
The article has changed 12 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| Google targeted in e-mail scam | Google targeted in e-mail scam |
| (30 minutes later) | |
| Google has confirmed to BBC News that its e-mail system - Gmail - has been targeted as part of an "industry-wide phishing scheme". | Google has confirmed to BBC News that its e-mail system - Gmail - has been targeted as part of an "industry-wide phishing scheme". |
| The search giant said that it had taken immediate action to safeguard the affected accounts. | The search giant said that it had taken immediate action to safeguard the affected accounts. |
| Phishing involves using fake websites to lure people into revealing data such as bank account details or login names. | Phishing involves using fake websites to lure people into revealing data such as bank account details or login names. |
| BBC News has seen two lists that detail more than 30,000 names and passwords that have been posted online. | BBC News has seen two lists that detail more than 30,000 names and passwords that have been posted online. |
| "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," said a Google spokesperson. | "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts," said a Google spokesperson. |
| "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them." | "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them." |
| The firm stressed that the scam was "not a breach of Gmail security" but rather "a scam to get users to give away their personal information to hackers". | The firm stressed that the scam was "not a breach of Gmail security" but rather "a scam to get users to give away their personal information to hackers". |
| 'Industry problem' | 'Industry problem' |
| The phishing scam was originally thought to target just Hotmail users. | The phishing scam was originally thought to target just Hotmail users. |
| It was brought to light when 10,000 Hotmail addresses were posted online at Pastebin, a website commonly used by developers to share code. | It was brought to light when 10,000 Hotmail addresses were posted online at Pastebin, a website commonly used by developers to share code. |
| I'd... recommend that people change the password on any other site where they use it Graham CluleySecurity consultant Phishing attack targets Hotmail | I'd... recommend that people change the password on any other site where they use it Graham CluleySecurity consultant Phishing attack targets Hotmail |
| The list was reported by technology blog Neowin. | The list was reported by technology blog Neowin. |
| However, a second list of 20,000 names has since emerged containing e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers. | |
| Some of the accounts appear to be old, unused or fake. However, BBC News confirmed that many - including Gmail and Hotmail addresses - were genuine. | Some of the accounts appear to be old, unused or fake. However, BBC News confirmed that many - including Gmail and Hotmail addresses - were genuine. |
| Other addresses include Comcast and Earthlink accounts. | Other addresses include Comcast and Earthlink accounts. |
| It is not clear whether the new list was part of the same phishing attack that collected the Hotmail addresses or a separate scam. | It is not clear whether the new list was part of the same phishing attack that collected the Hotmail addresses or a separate scam. |
| A spokesperson for Microsoft said phishing was an "industry-wide problem". | A spokesperson for Microsoft said phishing was an "industry-wide problem". |
| "Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software." | "Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software." |
| Both lists have since been removed. | Both lists have since been removed. |
| However, security expert Graham Cluley of Sophos advised users to change their passwords as soon as possible. | However, security expert Graham Cluley of Sophos advised users to change their passwords as soon as possible. |
| "I'd also recommend that people change the password on any other site where they use it," he said. | "I'd also recommend that people change the password on any other site where they use it," he said. |
| About 40% of people had the same password for every website they used, he added. | About 40% of people had the same password for every website they used, he added. |