The Windows Blog
By Dick Craddock
I will NEVER ask for your password
There are a lot of bad things on the Internet, and few are worse than phishing scams. But there is a certain class of phishing scam that has earned a special level of disdain and disgust, at least from me. I’m talking about the phishing scams that target Hotmail customers using my name, my picture, and even my signature. Grrrr.
Let me clear something up right off the bat: I will never ask for your password. No one from Hotmail or Microsoft will ever ask for your password. In fact, no legitimate service will ever ask for your password. If you ever get an email asking for any password to any service, you can be sure, without a shadow of a doubt, that the email is a phishing scam. Just junk it. (Or, in Hotmail, mark it as a phishing scam using the “Mark As” menu.)
Article: http://windowsteamblog.com/windows_live/b/windowslive/archive/2011/08/10/i-will-never-ask-for-your-password.aspx
No April Fools Day joke, on Friday Dallas based on-line marketing firm Epsilon said that its system had been breached.
Epsilon Notifies Clients of Unauthorized Entry into Email System
IRVING, TEXAS – April 1, 2011 – On March 30th, an incident was detected where a subset* of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.
* Updated April 4, 2011: The affected clients are approximately 2 percent of total clients and are a subset of clients for which Epsilon provides email services.
http://www.epsilon.com/News%20&%20Events/Press_Releases_2011/Epsilon_Notifies_Clients_of_Unauthorized_Entry_into_Email_System/p1057-l3
That 2 percent figure seems very low.
Mashable
A huge security breach has exposed the names and email addresses of customers of major brands, including Target, Best Buy, Walgreen’s, Capital One and more.
UPDATE: Apparently, a slew of hotel chains’ rewards programs have also been hit by the Epsilon breach; affected chains include Hilton, Red Roof Inn, Ritz-Carlton and Marriott.
List at Mashable: http://mashable.com/2011/04/04/epsilon-data-breach/
I received an email from a company I have done business with in the past in which they informed of a system breach at Epsilon and warning that e-mail addresses can be used for “phishing” attacks.
http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
by certifiedbug on October 8, 2009
in News
FBI Press Release
The largest number of defendants ever charged in a cyber crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing†operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks.
Authorities in several United States cities arrested 33 of 53 defendants named in an indictment returned last week by a federal grand jury in Los Angeles. Several defendants charged in the indictment are being sought this morning by law enforcement. Additionally, authorities in Egypt have charged 47 defendants linked to the phishing scheme.
Full Statement
FBI Director Robert Mueller’s speech on cyber threats. Mueller told how he nearly fell for an email phishing scam himself.
After changing all our passwords, I tried to pass the incident off to my wife as a “teachable moment.†To which she replied: “It is not my teachable moment. However, it is our money. No more Internet banking for you!â€
by certifiedbug on October 6, 2009
in Microsoft
Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers’ credentials were exposed on a third-party site due to a likely phishing scheme. Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers. As part of that investigation, we determined that this was not a breach of internal Microsoft data and initiated our standard process of working to help customers regain control of their accounts.
10/5/2009
Update: Phishing scheme affecting some Hotmail customers
As of 3pm PT: We want to provide a quick update, that as a result of our investigation we are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts.
If you believe your information was documented on the illegal list, please fill out the following form to reclaim access to your account.
Windows Live Blog
Neowin: Thousands of Hotmail passwords leaked online
Update
BBC News.
Google targeted in e-mail scam
Scam hits more e-mail accounts
