A huge spike in webmail spam has been detected after passwords were published earlier this week.
Following news earlier this week where thousands of Hotmail, Gmail and Yahoo passwords were stolen and posted online, Websense Security Labs has detected a marked increase in the number of spam emails which have been sent from Yahoo!, Gmail and Hotmail accounts over the last few days.
It claimed that the spam emails are being sent from user accounts to contacts in their address book – so people will think the email came from a friend or known contact. This spam email recommends a product and invites the reader to click on a link to a fake shopping site to buy the goods.
Carl Leonard, EMEA threat manager at Websense, said: “This is just another example of online fraudsters becoming increasingly adept at gaining personal and confidential information from unsuspecting victims. Websense Security Labs have found that 37 per cent of malicious web attacks over the last six months included data-stealing code, demonstrating that attackers are clearly after essential information and personal data.”
Patrick Runald, security research manager at Websense, claimed that this sort of ‘electronic spam' has been going on all year but it started picking up six to seven days ago and it coincides with the lists of passwords being made public on the internet.
Runald said: “Is this a coincidence? We think that people got hold of the lists and used the accounts, or it could be the same people who were behind the compromise, but the spam increased at the same time as the passwords were made public.
“The domains that we are tracking have all been set up in the last two months, and they look like a legitimate store, but will sell an Apple Macbook Air for £4-500 so much less than the retail price, but it looks real and is fooling users who are saying online that they placed an order and it never arrived. This is essentially a scam and that unfortunately seems to work.”
Runald further claimed that Websense has seen a decline in phishing with cybercriminals preferring to use password-stealing Trojans that work better than phishing emails.
“We do not have any proof of this but it does not mean that it did not happen. We can hear what Microsoft and Google are saying, my educated guess is that this has been going on for a while,” said Runald.