Monday, January 30, 2012

Yahoo! email account(s) cracked and potentially incriminating spam sent (case I know of personally); Gmail usage phishing scam is out there, too

Yesterday I learned of a case where an individual’s Yahoo! email account was cracked, and where undesirable emails were sent to others on a list in her name.  This is a situation where the actual account was used, not just where the sender-id was spoofed.  I’m not aware that Yahoo! offers the two-step verification that Google’s gmail does.

In the past, there have been cases where people have been held liable for content sent when their email account was actually cracked.  It’s still an ambiguous situation legally. 

The individual said it took a whole day for the problem to be fixed (apparently by virus removal). The individual says that the password wasn’t cracked by guessing, but probably picked up by a Trojan keylogger or virus.

In a two-step system, the attacker would not be able to log on to a different computer without another verification code sent to a cell phone or stored on a separate list.  But in some scenarios an attacker  (like a “Lisbeth” or a “Nolan” from popular movies and shows) might be able to log on to the user’s system through the Internet (as with buffer overflow) and actually use the target’s computer, an issue typically addressed by regular security updates to an operating system.  

Update:

There is a phishing scam telling users their Gmail space quota is exceeded, with a phony link to click on to increase it pretending to be at Google. Of course it is not.  Major email filters are not marking this one as spam yet.

No comments: