Page last updated at 09:28 GMT, Tuesday, 6 October 2009 10:28 UK

Scam hits more e-mail accounts

By Jonathan Fildes
Technology reporter

email checkers
More than 20,000 e-mail addresses have been seen by the BBC.

The scale of a phishing attack originally thought to be directed at Hotmail may be larger than previously thought.

BBC News has seen a list of more than 20,000 more names and passwords that have been posted online.

The list contains e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers.

The list was published on the same website as the original list of 10,000 Hotmail login details.

Some of the accounts appear to be old, unused or fake. However, BBC News has confirmed that many - including Gmail and Hotmail addresses - are genuine.

Other addresses include Comcast and Earthlink accounts.

It is not clear whether the list was part of the same phishing attack that collected the Hotmail addresses or a separate scam.

Phishing involves using fake websites to lure people into revealing details such as bank account details or login names.

A spokesperson for Microsoft said phishing was an "industry-wide problem".

"Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software."

Password change

Technology blog neowin.net was the first to publish details of the original attack. It said the accounts were posted on 1 October to pastebin.com, a website commonly used by developers to share code.

The Pastebin website is currently down for maintenance.

Its owner, Paul Dixon, posted a note on the site in the wake of neowin's revelations saying that it had received "an unprecedented amount of traffic".

"Pastebin.com is just a fun side project for me, and today it's not fun. It will remain offline all day while I make some further modifications," he said.

Security expert Graham Cluley of Sophos advised users to change their passwords as soon as possible.

"I'd also recommend that people change the password on any other site where they use it," he said.

About 40% of people use the same password for every website they use, he added.



Print Sponsor


SEE ALSO
Phishing attack targets Hotmail
05 Oct 09 |  Technology
How to escape the phishing nets
02 May 05 |  Technology
Hi-tech crime: A glossary
05 Oct 06 |  UK
Q&A: Stay safe online
17 Nov 08 |  Technology
Thousands fall for Hotmail prank
08 Mar 06 |  Business
Hotmail hole exposes e-mails
20 Aug 01 |  Science/Nature

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites


FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

BBC navigation

BBC © 2013 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific