Hotmail Accounts Getting 'Hijacked,' Microsoft Says
- By Jabulani Leffall
- August 27, 2009
Microsoft pointed to e-mail account "hijacking" as becoming an increasing problem, especially among Windows Live Hotmail users.
In a blog post on Monday, the company warned that some Windows Live Hotmail users have noticed that their accounts have been "hijacked" by spammers. Users can log into hijacked accounts, but they unwillingly share them with a hacker.
According to Microsoft, a hijacked user account would allow a hacker to send e-mails to the user's contacts, which could result in both the user and those contacts unwittingly downloading worms onto a workstation. From there, such malware can spread to the network.
Windows Live Hotmail, the e-mail service that powers Office Live Small Business, and other services such as Google's Gmail and Yahoo Mail, may be vectors for such attacks.
Security experts say this vector is among the most common client-side entry points for malware. Users are more likely to open and act upon an e-mail out of curiosity and then click on a link. They're also more likely to open an e-mail from someone they know.
The value of stolen or hijacked e-mail accounts has always been huge, according to Paul Henry, security and forensic analyst at Lumension.
"Initially, all you needed was to brute-force the user's password," he said. "Now, when you factor in the automation and organization of today's cyber criminals, seeing mass hijacking of e-mail accounts is simply a regular occurrence."
Randy Abrams, director of technical education at ESET, suggested that users of Microsoft's online services need better security information.
"Where Windows Live was correct in advising to obtain the most recent virus definitions, a nontechnical person at Office Live translated that to 'stay up-to-date on the latest computer viruses going around'," he said. "[But] staying up-to-date on the latest computer viruses doesn't really help. You need to understand the concepts to avoid them. There are too many new threats to keep up with them all."
Symantec's "State of Spam Report" (PDF here), released earlier this month, found that spam accounted for 89 percent of all e-mail messages in July. The spam rate for August was even more dire, according to a recent MX Logic report, which found that up to 94.9 percent of all e-mail messages were spam.
Spam that delivers images and links continues to have an impact, accounting for 17 percent of all spam in July, according to Symantec's report. A new version of "419 spam" has appeared in which "spammers tried to exploit VoIP services," according to Symantec. The company describes 419 spam as a message that alerts users about money they supposedly either inherited or won.
Adam O'Donnell, director of emerging technology at Cloudmark, said spam is growing rapidly and is increasingly targeting free e-mail sites. O'Donnell said password integrity at the user level and strong access control policies at the enterprise level can reduce risks.
"Hijacking [free accounts] is a common occurrence, and it is becoming more frequent as other vectors for sending spam are reduced," he said. "Users need to use strong and unique passwords on every Web account to help stop these kinds of attacks."
Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.