Google explains that “less than 0.08%” of all Gmail users were affected by the bug, which completely reset accounts, even down to the detail offering a welcome message to those users when they first logged on today. They, and especially visitors to the Gmail Help Forum, were not amused.
But there’s good news here. The way Google is explaining it on its Apps Status Dashboard: “Google engineers are working to restore full access. Affected users may be temporarily unable to sign in while we repair their accounts.”
It’s another day, which means (almost inevitably) there’s another malicious email campaign carrying a fake anti-virus attack.
Once again the bad guys are packaging their attack in an email which claims to come from DHL Delivery Services.
A typical email, which has the subject line “Please attention!”, reads as follows:
The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.
You may pickup the parcel at our post office personaly.
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.
Please do not reply to this e-mail, it is an unmonitored mailbox!
DHL Delivery Services.
Attached to the email is a file called label.zip, which Sophos detects as Troj/FakeAV-BEG. Even though there is some peculiar wording (and spelling) in the email it’s possible that some unwary users might fall into the hacker’s trap, and open the malicious attachment.
We are seeing many reports of this attack in our global network of traps right now.
If you receive one of these emails, don’t open the attached file as you could be putting your computer at risk of infection and allowing hackers to compromised your PC.
By Graham Cluley, Sophos
If you’re returning to an overflowing inbox after the Easter holiday weekend, make sure that you don’t fall for the latest scam being distributed widely by spammers.
Emails claiming that recipient’s accounts have been temporarily suspended are being seen around the world today, attempting to trick users into believing that their email account has been accessed by somebody else.
The spammed-out emails try to hoodwink users into running the attached file (Instructions.zip) which is, predictably, carrying a malicious payload.
This e-mail was send by example.com to notify you that we have temporanly prevented access to your account.
We have reasons to beleive that your account may have been accessed by someone else. Please run attached file and Follow instructions
In an attempt to make the email more convincing, the attackers reference the domain name (for instance, example.com) used by the recipients’ email account in the emails they are spamming out.
Sophos detects the malicious attachment proactively as Mal/FakeAV-BT and Mal/BredoZp-B, but users of security products from other vendors would be wise to ensure that they are properly updated and protected.
The hackers are once again using a tried-and-trusted social engineering trick (in this case trying to fool you into believing that your account has been compromised) to lure you into the serious mistake of opening the attached file.
Wiser computer users should have learnt by now that you should always be extremely suspicious of unsolicited attachments.
By Graham Cluley, Sophos
A recent phishing scam resulting in usernames and passwords of Microsoft’s Hotmail, Google’s Gmail, and possibly accounts of AOL and Yahoo users being posted online is cause for concern for anyone who uses any of those services. Rather than panic, though, there are simple ways to avoid becoming a victim or being further victimized, if your account has already been compromised.
Microsoft and Google said the compromised information likely came as a result of a phishing scam, through which millions of people are sent e-mail (often warnings about a fake security breach), asking them to click on a link to take them to a Web site so that they can enter their correct information.
When phishing attacks first became prevalent, the fake sites were often crude imitations of the real things, but these days, they can look exactly like the legitimate site, typically of a bank, a payment service such as eBay’s PayPal, or another financial company. When the user logs in with a username and password, or provides credit card numbers and other confidential data, that information is captured by the e-mail senders, who can use it to impersonate the victims.
In addition to someone being able to read your messages, a risk of having your e-mail account compromised is that many sites will send a lost password to an e-mail address, so if criminals can access your e-mail, they might be able to use it to get passwords from other sites, including financial accounts.
BBC News is reporting that it has seen lists containing more than 30,000 names and passwords, some of which “appear to be old, unused or fake,” but “many–including Gmail and Hotmail addresses–are genuine.” To put this into context, Gmail and Hotmail sites had more than 84 million unique visitors in July. Yahoo Mail had more than 156 million unique visitors, according to ComScore.
Here’s some advice that can help you avoid becoming a phishing victim.
Change passwords regularly
Even if this particular breach hadn’t occurred, many experts recommend that you change your password about every three months. This is as good a time as any to do just that. It’s also a good idea to avoid using the same password on multiple sites, but if you’re one of the many people who have done that, be sure to change your password elsewhere. Gmail asks users to provide them with an alternate e-mail address, so be sure to change the password for that account as well.
As I pointed out in this post about password security, consider using a password manager like LastPass (free) or RoboForm that can generate and manage strong passwords.
If you get an e-mail that appears to be from legitimate site with a request that you click on a link to visit the site for any reason, including updating your security information, think before you click. It might be taking you to a rogue site that captures that information for possible identity theft or other crime. It’s safer to just type in the URL yourself. Be extremely wary of any requests to provide Social Security numbers or credit card information, unless you’re absolutely sure that you’re dealing with a legitimate site. When visiting a site, make sure that the URL is that of the organization.
Look for secure sites
If you’re asked to provide sensitive information such as a credit card number, be sure that the URL begins with “https” (the “s” stands for “security”) and that there is a padlock icon, typically in the lower-right corner of the browser.
Use a phishing filter and good antimalware software
The most recent versions of most browsers, including Microsoft’s Internet Explorer and Mozilla’s Firefox, help filter phishing sites, as do security suites from McAfee, Symantec, TrendMicro, and other companies. Security software also helps protect you against malicious software that can log your keystrokes, or otherwise jeopardize your privacy and security. Make sure that your security software and your operating system are up-to-date.
If something seems too good to be true, it’s almost invariably too good to be true. Think about what you’re about to do on any site you visit, especially if it’s a site you don’t already trust. Never use the same password on an unknown site that you use for e-mail, banking, or other sites where security is essential.
The U.S. Department of Homeland Security’s National Cyber Alert System has additional tips to help you avoid phishing and other social engineering attacks, and ConnectSafely.org has tips to create an manage strong passwords.
by Larry Magid from CNET
IT security and control firm Sophos is warning users to be wary of spam messages using the untimely death of music legend Michael Jackson to harvest unsuspecting computer users’ email addresses for future spam campaigns.
Approximately eight hours after the King of Pop’s death yesterday, SophosLabs witnessed the first wave of spam messages taking advantage of the breaking news in the subject line and body of the email.