Key-logging malware could be behind the recent web mail attack that saw thousands of email addresses and their associated passwords leaked online, according to one security expert. Amichai Shulman, from security firm Imperva, believes that the size of the scam shows that it is not a phishing attack. According to Mr Shulman, the majority of people do not fall for phishing attacks, with only one person falling for such an email in every 1000 sent.
"The vast majority of people do not fall prey to phishing attacks and the success rates are around one per 1,000," he told the BBC. "The fact that even one of these lists contained 10,000 names suggests to me that it was a key-logging scam."
Once downloaded from an infected website, a key-logger will record every keystroke made, which can include login details for webmail services, social networking sites or online bank accounts. Key-loggers can be downloaded automatically, but in most cases the user is tricked into downloading the malware under the guise of a free anti-virus or performance-improving program, something that can even occur on trusted websites.
Just last month, the New York Times fell victim to a so-called "malvertising" attack, when it inadvertently displayed an advert telling people they had a virus, before prompting them to download the malware under the guise of "anti-virus" software. This is an ever-increasing problem on an advert-filled Internet.

If it was a keylogger, and your e-mail address is on that list, call your C/C company right away. Also get some new spyware removal and antivirus software.
I'd change any passwords you've ever used on that computer, whether it be Facebook, PayPal, online banking or otherwise.
I always thought the passwords magically get stolen by wishes and dreams.
Uh, no. The passwords were given thru prayers. It was a gift from God.
The question was 'Was it keylogging or phishing?'. Phishing is not the same as keylogging so don't troll.
It's called "sarcasm".
So basically you don't think it was keylogging? If you do think it was probably keylogging, I ponder if you really know what sarcasm is.
It would be sarcasm if the only option would be keylogging. It could be phishing as well so his sarcasm is invalid.
Don't get me wrong, AV is essential, but don't be lulled into a false sense of security.
Please, re-read my comment.
I'm sure they didn't sit for hours checking 20k's worth of keylogging data, and I'm sure they didn't only get Hotmail data from it. If this is how they got the data, which I'm sure they didn't.
I wonder if one could sue Google for allowing such ads.
Your bank (any bank) and MS do NOT send you emails to enter your details.
Neither does Neowin.
http://en.wikipedia.org/wiki/E-mail_spam#S...s_and_estimates
Granted, not all spam is directed at getting your email passwords, but the sheer number of spam and email users does not make 10,000 a very big number. Also, I haven't seen any discussion on just how old or new this list is.
With 1 per 1000 users falling for spam, and millions upon millions of users, it's not far-fetched for the figures to add up without key-logging software being the culprit.
This expert is claiming that only 1/1000 fall victim to a phishing scam.
There are 10,000 emails listed. So in order for a phishing scam to get that many email accounts, it would have to hit 10,000,000 inboxes.
10,000,000 inboxes doesn't seem unreasonable to me.
Plus, everyone knows that Keyloggers only go after WoW accounts.
No offense meriam, but if you think most people now use AV software you are freakin in a dream. The majority of users that get nailed with this type of attack, be it key logger or phishing, are n00bs. These are also the same people that buy a PC from Dell, HP, etc. and take it as is. They use the 90 or 120 day AV trial that comes with the machine, then at the end of the trial, because in most cases the only thing they see is their little icon next to the clock go from green to yellow or red, keep going about their day and never bother to look that the trial is expired. So you have people with expired trials, with no clue how to download actual software (even the free stuff from Avast, MS or others) and who will click on every help me get my millions out of Africa, check out my new video, look at (insert famous person name here) naked, and get infected. I make my living going from call to call to clean up after these n00bs (and I do make a pretty penny from it), and 99.9% of the time (average 10 virus calls per week at $150 per call), it is someone using an expired trial or, the ones I love even better, using Norton or McAfee version from 2000 with definitions from 2000 (2001 when I'm lucky). And when I ask, I get the same response 100% of the time: well, doesn't it just do what it needs by just being installed? So you are so wrong if you think that everyone uses AV with current updates.
Again FWIW, I would think compromised systems would be more valuable if they stayed compromised.... With no idea why partial lists were posted in the 1st place -- whether it was a sample that got ripped or what -- it makes more sense if the source was phishing, since once the whistle was blown the scam's over. If whoever got into a 3rd party's servers, or perhaps 100s of thousands of PCs/laptops, why give up a working & potentially still valuable resource?
However the story ends, if all these systems were actually compromised, the big A/V companies will have a free fix advertised to gain new business. If it was phishing that nabbed individual users, Microsoft or some other companies will surely make a big deal of it, with advice to consumers used for PR. Only if it was a 3rd party site that got nailed (or someone working for them), would I expect things to stay quiet -- save of course for a horror story to be told to prospective clients by folks like Shulman. ;-)