Hotmail used to launch extortion scam

A Hotmail user logged into their account this week to find that scammers had deleted all their e-mails except for one, which was from a hacker demanding cash in exchange for restoring the lost information, according to Websense. Websense said this scam is a variant of ransomware, which is a malicious program that encrypts documents on the victim's computer and asks for a payment in order to decrypt the files. Had this been the owner or an employee of a small business, the company's intellectual property (IP) would have been at risk.

Joel Camissar, country manager at Websense ANZ, said that the Hotmail account of the victim is thought to have been hacked after they used a spyware-infected computer in a Spanish Internet cafe. The hackers had deleted everything from their inbox and outbox and removed all their contacts.

View: Full Article @ ZDNet Australia

30 Comments

How about replying with this:

"Dear hacker, I have decided to pay the ransom to get my emails back. Attached is a text file with my PayPal password, in which I have deposited the money.
Yours truly.
Attachment: paypal.txt.exe"

It's not Hotmail's fault, the computer had spyware etc... I'm sure some kind of keylogger and then whoever got the data deleted the emails (I doubt they really save them)

Croquant, your "web based interface" security you seem to enjoy would have been exactly as vulnerable to what happened in this story.

This is an example showing how difficult it is to educate people about security.
Most people don't understand and some of them think they understand while they do not.

Wait, why is a small business owner using Hotmail, or any web mail for that reason? Use your ISP's POP3 or IMAP mail at least, sheesh!... and don't store IP on a public mail system!

Read...

"Had this been the owner or an employee of a small business"

Edit: Beaten to it :)

I kinda feel sorry for the guy, if he had anything of importance there anyway. You shouldn't have to worry that a PC in a cafe is going to keylog your passwords when you dive on it quickly to check your emails. The staff should maintain the systems, if it wasn't them doing it deliberately.

Both the Live Domains and Office Live offerings provide a great solution for small businesses to get free e-mail accounts hosted on Hotmail / Live Mail. It's often a far more functional solution with a lot of advantages (including ease of setting up your own, free domain with Office Live). Many ISPs have pretty bad e-mail services - and I certainly wouldn't count on them to be more secure.

Also - shouldn't these internet cafes be keeping their machines clean? Or maybe they're in on the scam...

Quote - Brandon Live said @ #10.3
Both the Live Domains and Office Live offerings provide a great solution for small businesses to get free e-mail accounts hosted on Hotmail / Live Mail. It's often a far more functional solution with a lot of advantages (including ease of setting up your own, free domain with Office Live). Many ISPs have pretty bad e-mail services - and I certainly wouldn't count on them to be more secure.

Also - shouldn't these internet cafes be keeping their machines clean? Or maybe they're in on the scam...

Quite true, they should be. Most internet cafes I have been to have drive images. You have to turn off the computer after you leave, and every time someone else comes along the drive image loads up and therefore anything that the previous user installed is gone :D

So it's usually safer, but I still wouldn't use my email at those cafes.

Quote - markjensen said @ #10.1
Errr... Perhaps you didn't read closely enough:
"Had this been the owner or an employee..."

Perhaps this was couched as a rhetorical question, based on a hypothetical idiocy: Using Hotmail to store IP of any sort is just dumb, but I bet there are plenty who do it.

The article is at fault here as it makes assumptions that a) small business employees / owners use Hotmail anyway and b) that they use it to keep IP on and c) that they are so dumb that as well as a) and b) that they would use an internet café PC to access their company mail.

Also dumb is the assumption that as it is like the ransomware that is described, it is the same. Even if someone has their Hotmail store purged because of this malware, how exactly does that affect files on the company machines, which weren't even used? It's crap scaremongering reporting and ZDNet should be ashamed for babbling such technologically ignorant tripe.

I'm not really sure why 'Hotmail' is significant, surely any web service is able to be compromised in this way.

If anything, it highlights the dangers of using badly secured public access computers.

I don't really have a great deal of sympathy for victims of these types of scam - the risks are highly publicised and this situation is easily avoided.

I've been using Hotmail for nearly a decade and have always wondered why they didn't offer a backup/restore option. I pay the $25 a year for the extended service, and still don't get backup/restore. Sure wish they would, then this issue, along with many others that restore can offer would go away.

"Oh, so you want me to pay $1000 to restore it? Never mind, MS will do it for free/$25 a year..."

Well, they offer you a trash box (at least gmail does), and every mail you delete will be transferred over there and you can back it up/restore, or you can leave it there whereafter it will be deleted after 30 days (at least in gmail).

Tip:
Never delete the messages in trash, they will be deleted after 30 days. And with 2,8GB who needs to delete?

Now if someone hacks into your account, or 31 days after you put a mail in trash, then you have a problem...

Now how often does someone hack into your account and delete everything? Hmmm.... it made frontpage news on neowin, so extremely rarely, right?

Now, how many delete a mail, to find out that they wanted it after 31 days?

What you are asking is simply a trash, where you cannot delete the messages for 30 days or more, only restore them.

It's hard to say how it works James. I remember everyone was blasting Google cos they admitted that they might delete your emails straight away (say instead only deleting them every month or so or when they need the space). Chances are, the second they delete it, it's deleted, but it may still exist in some servers' caches.. but how do you know which. or if it's complete/accurate. :p

It's complicated.

Quote - Pc_Madness said @ #13.2
It's hard to say how it works James. I remember everyone was blasting Google cos they admitted that they might delete your emails straight away (say instead only deleting them every month or so or when they need the space). Chances are, the second they delete it, it's deleted, but it may still exist in some servers' caches.. but how do you know which. or if it's complete/accurate. :p

It's complicated. :p

It is not complicated. What James is asking for is simply Trash 1, and Trash 2.
When you delete your files, it goes to Trash 1. When you delete from Trash 1, it goes to Trash 2. But you cannot delete from Trash 2, unless it has gone like a month or three, you can only restore. And frankly I don't see the need of having two Trash.

Hopefully Hotmail will help him with a rollback and a password change.

While one should be on the lookout for infections and run anti-spyware, I can't really go as far as to blame a novice user at an Internet café stumbling upon an infected computer. I think the most amazing part here is that the café owners aren't protected and locked down enough so hackers can't just go add a keylogger to them.
