AOL Money & Finance

Phishers using new lures

Posted Oct 28th 2009 1:50PM by Tom JohansmeyerTom Johansmeyer RSS Feed
Filed under: Bad news, Google (GOOG), Microsoft (MSFT), Yahoo! (YHOO), Time Warner (TWX), International Business Machines (IBM)

More

Your e-mail account is a goldmine. Technology companies push hard to keep your data secure, but there are plenty of scumbags out there who always seem to find a new way to gain an edge over the guys in white hats. Phishers, in particular, are eager to find new ways to profit from your identity and information, and they're getting some new tricks.

Phishing scam activity was quiet at the beginning of this year, according to a report in USA Today, but these attacks surged 200% from May through September, says the X-Force team at IBM (NYSE: IBM). Webmail, social media and gaming accounts are their primary targets. E-mail access, in particular, is highly sought after, since they can be use to push out spam ... while bypassing filters.

These "virgin" e-mail accounts command top dollar: a digital criminal can pick up as much as $2 for a clean account from Microsoft (NASDAQ: MSFT) Windows Live, Google (NASDAQ: GOOG) Gmail, Yahoo (NASDAQ: YHOO) YahooMail or AOL (NYSE: TWX). This is more than twice the amount typically paid for a stolen credit card account, according to Fred Rica, principal in the security practice at PricewaterhouseCoopers. Many webmail users actually do half the criminals' job for them, with 33% using just one password online and 48% using only a handful.

In addition to being able to push millions of messages through a clean account and sidestepping spam filters, online snoops can use the data you've stored in your e-mail folders to hunt for other username and password data, for your social networking accounts, for example. Also, the account can be used to reset passwords for these accounts, engineering easier access. So, losing your e-mail password can translate to compromised MySpace, Twitter and Facebook accounts, as well.

Demand for these virgin e-mail accounts is so high that the crooks are developing new techniques for accessing them, even compromising legitimate web pages as a way to infect a PC with software that can pick up keystrokes.

A few high-profile mistakes, of course, could have profound implications for several companies, including: the e-mail provider, social networking platform, credit card company and any stores where credit card data is used. One compromised account can trigger a chain reaction.

Tags: aol, aol mail, AolMail, email, email access, EmailAccess, facebook, gmail, goog, google, ibm, ibm corp., IbmCorp., microsoft, microsoft msft, MicrosoftMsft, msft, myspace, pricewaterhousecoopers, pwc, social media, SocialMedia, socialnetworking, timewarner, timewarnertwx, twitter, twx, webmail, windows live, WindowsLive, yahoo, yahoo mail, YahooMail, yhoo

Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

Symbol Lookup
IndexesChangePrice
DJIA-14.2810,318.16
NASDAQ-10.782,146.04
S&P 500-3.521,091.38

Last updated: November 22, 2009: 12:03 AM

BloggingStocks Exclusives

Hot Stocks

DailyFinance Headlines

Latest from BloggingBuyouts

TheFlyOnTheWall.com Headlines

    BioHealth Investor Headlines

    WalletPop Headlines

    My Portfolios

    Track your stocks here!

    Find out why more people track their portfolios on AOL Money & Finance then anywhere else.

    • My Portfolio
    • Create a New Portfolio

    BloggingStocks Partners

    More from AOL Money & Finance

    WalletPop Headlines