Fordham Information Technology - Secure IT: Article: Password Recovery Scam: How Hackers Are Stealing Gmail, Yahoo Mail Accounts

Tuesday, June 23, 2015

Article: Password Recovery Scam: How Hackers Are Stealing Gmail, Yahoo Mail Accounts

"Symantec has observed an increase in a "particular" type of spear-phishing attack targeting mobile users. The purpose of the attack is to gain access to the victim's email account.
"This social engineering attack is very convincing and we've already confirmed that people are falling for it," the security firm said.

To pull off the attack, the bad guys need to know the target's email address and mobile number; however, these can be obtained without much effort. The attackers make use of the password recovery feature offered by many email providers, which helps users who have forgotten their passwords gain access to their accounts by, among other options, having a verification code sent to their mobile phone.
The majority of cases observed affect Gmail, Hotmail, and Yahoo Mail users.

Symantec warns that users should be suspicious of SMS messages asking about verification codes, especially if they did not request one. If uncertain about an unexpected request, users can check with their email provider to confirm if the message is legitimate. Legitimate messages from password recovery services will simply tell you the verification code and will not ask you to respond in any way."


1 comment:

elson cade said...

Our post-secondary training is designed to support the local workforce. The Adult & Career Technical Education programs will provide you pathways in the areas of Industrial/Technical, Health/Medical, Business/Computers, Family and Consumer Sciences, and Public Service. Here are options for Construction Trades,Information Technology,Health Science,Technical College in Miami,Adult Education in Miami and Quality Education and
Lowest Tuition.

US-CERT Technical Cyber Security Alerts

IT Security - The IT Security Industry's Web Resource