Homes and Property | Home Page

Hotmail password thefts blamed on 'phishing'

12 April 2012

The theft of passwords for more than 10,000 Hotmail accounts was blamed on an online scam today.

Microsoft said a so-called "phishing" attack was responsible for the mass acquisition of log-in details that were later published online.

The technology giant said none of its servers was responsible for the security breach and individuals were conned into handing over their details.

Up to 21 million people and businesses who use the Hotmail service in the UK were warned they are potentially at risk of being defrauded after passwords were acquired illegally.

Around 10,000 passwords were obtained by hackers who created a fake website identical to Hotmail's to fool users into entering their email address and password in a 'phishing' scam.

Reports now claim that another list of over 20,000 email addresses and passwords is circulating, which contains the details for Gmail, Yahoo! Mail, AOL, Comcast and Earthlink accounts.

Hotmail Officials blocked access to all of the accounts listed, including Hotmail, Windows Live and MSN web-based email accounts.

Users who have lost use of their email were being directed to an online registration form to reclaim access.

Phishing attacks are becoming increasingly common online and pose a serious threat to all internet users.

Hackers and cybercriminals attempt to trick people into handing over personal details, including email addresses and passwords.

Internet users may be directed to false websites, set up to mirror legitimate websites, that feed valuable information back to the criminals.

News of the scam broke yesterday when technology blog neowin.net reported an anonymous user had published confidential details on pastebin.com.

The list detailed more than 10,000 accounts starting from A through to B, suggesting further details may be held.

Internet users are urged to change their passwords regularly and ensure anti-virus software is up to date to protect themselves from fraudsters.

A Microsoft spokesman said: "We are aware that some Windows Live Hotmail customers' credentials were acquired illegally by a phishing scheme and exposed on a website.

"Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation.

"As part of that investigation, we determined that this is not a breach of any Microsoft servers.

"Subsequently, we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts."

She added: "Phishing is an industry-wide problem and Microsoft is committed to helping consumers have a safe, secure and positive online experience."

:: If your account has been blocked visit: http://tinyurl.com/5myxyw

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Sign up you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy notice .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT

Microsoft
Microsoft Excel
Microsoft Xbox