Monday, October 5, 2009
Hackers expose slew of Hotmail acount passwords
Cyber-crooks evidently used "phishing" tactics to dupe users of Microsoft's free Web-based email service into revealing account and access information, according to the US technology giant.
"We are aware that some Windows Live Hotmail customers' credentials were acquired illegally by a phishing scheme and exposed on a website," Microsoft said in response to an AFP inquiry.
"We have taken measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts."
Microsoft said it learned of the problem during the weekend after Hotmail account information of "several thousand" users, many of them reportedly in Europe, was posted at a website.
Phishing is an Internet bane and involves using what hackers refer to as "social engineering" to trick people into revealing information online or downloading malicious software onto computers.
Phishing tactics include sending people tainted email attachments that promise enticing content such as sexy photos of celebrities and luring people to bogus log-in pages that are convincing replicas of legitimate websites.
"This was not a breach of internal Microsoft data," the Redmond, Washington-based technology firm said.
"Phishing is an industry-wide problem ... exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and install and regularly update anti-virus software."
Microsoft is also advising Hotmail users to change their account passwords every 90 days