Network News

X My Profile
View More Activity

Hijacked Webmail Accounts Used to Promote Dodgy E-Commerce Sites

Tens of thousands of compromised Gmail, Hotmail and Yahoo Webmail accounts are being used to gin up traffic for dodgy, bargain-basement electronics vendors online that only accept bank transfers and Western Union payments, security experts warn.

Over the weekend, the credentials for at least ten thousand Microsoft Hotmail accounts were briefly posted online. Microsoft acknowledged the incident on Monday, saying the accounts were stolen as part of a phishing scam. Since then, other news outlets have reported that large caches of Yahoo and Gmail account credentials also were found online.

pitchmail.JPG

According to an analysis by security vendor Websense, attackers used the hijacked accounts to spam each victim's e-mail contacts, sending messages that tout several online electronics stores. According to Websense, the stores promoted in the spam e-mails are all fakes set up to steal your money (click the image at the right for an enlarged screen shot of one sales pitch that Websense says it traced back to this scam).

I wrote about a similar attack back in April (see Spam From Hijacked Webmail Accounts) after a number of readers (including a family member) complained of having their Webmail accounts hijacked and used to send this type of spam. In that attack, the perpetrators also added their sales pitch to the victim's e-mail signature, ensuring that their spam lived on even after the victim changed his or her password.

koreadeal2.JPG

The Web site named in the snap shot above -- Koreadeal.com -- features page after page of listings for electronics, some at unbelievable prices (please avoid visiting the site, as a cursory scan indicates it may harbor malicious content). However, if you put any of these items in your cart and try to check out, you'll soon find out that the only way to pay for them is by transferring the money through a bank or Western Union (click the screen shot to the left). Both the Better Business Bureau and the Federal Trade Commission have urged consumers to avoid paying for online purchases via these methods -- which are essentially cash-based and nearly impossible to reverse.

McAfee's Web reputation service SiteAdvisor.com has absolutely nothing nice to say about Koreadeal.com. That is a short time frame in which to have earned such a reputation: Koreadeal.com's registration records indicate the site has only been online for about a month.

An e-mail sent to koreadeal.com was not returned, but I managed to get a brief response from someone at Koreadeal.com via the customer support live chat feature built into the site. I asked why the company does not accept credit card payments.

"In the past, some people cheat us. So now we don [sic] not use credit card anymore," the user "Koreade" replied. When I asked whether the company was aware its site was being promoted through hijacked Webmail accounts, the person I was chatting with stopped answering my questions.

By Brian Krebs  |  October 7, 2009; 3:20 PM ET
Categories:  Latest Warnings , Safety Tips  | Tags: gmail, hotmail phish, webmail hijack, yahoo  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Zeus Trojan Infiltrates Bank Security Firm
Next: Latest FBI Crackdown on Phishing Targets 100 Defendants in U.S., Egypt

Comments

I am the founder / developer of EasySecured.com which has innovated a password less solution for online authentication and identity management.

If passwords are not keyed in by the users and the same are not stored on the webserver, then it will become almost impossible for hackers to get to your online account.

Posted by: gemofaperson | October 7, 2009 7:35 PM | Report abuse

This is nothing new. I've been getting eMails "from" my friends for SEVERAL YEARS now promoting on-line businesses which my friends obviously would have nothing to do with. These were eMails endorsing certain websites, sites which undoubtedly would try to infect my machine, separate me from my money, and do God only knows what else. Perhaps what's new here is simply the magnitude of the problem?

Posted by: JeffBbiz | October 8, 2009 10:40 AM | Report abuse

The Foundation

America was built on a foundation of drugs, cigarettes, and tobacco. Attack the foundation and you are attacking the free American. The medical monopolies stated objective (stl commerce magazine) “is to create a need and then fill it”. A monopoly that will “subvert the true science of weed” (Time magazine) will also subvert the laws and liberty of its people for their wallets. Ben Franklin said “A civilized society is based on liberty and tolerance” the foundation America was built on was not one that forces you to join a church or a co-op in order to prosper. It was not an economy that was built on profiting off the old and sick, where most of the factory and services were based overseas. Where the people can be criminalized for failing to pay endlessly for the monopolies incompetence. If the people are denied the right to walk down to the store and buy what they need or want, If the people are demonized for challenging their fraudulent science then we end up with city streets filled with crime and violence boarded up buildings and vacant lots, small business shut down and the largest jail population in the world. With 90% of the jail population in jail for drug or drug related crime, all in the name of safety? Who’s ? For when they can classify tanning beds the same as muster gas and arsenic ,cigarettes the same as rattle snake bites, eggs butter salt and beer we have all heard their fears, but “a person who is willing to give up freedom in the name of security deserve neither freedom or security” Ronald Reagan. What is between man and God should not be the states or the churches concern. The state needs to grow up and quit playing victim; restore the free enterprise system. Then the smokers and the beer drinkers don’t have to worry about forever being a criminal and the basic rights ,The first page of the Holy scriptures “the power over the plants and animals “ can be tolerated. Then we can have an economy where health care is not dictated to the masses by foreign owned pharmaceutical companies but the freedom and prosperity our forefathers built for us can once again be the corner stone of our foundation and the torch of freedom and its smoke can burn bright into the next generation.
read more in about christians and freedom @amazon.com

Posted by: smokingspirit123 | October 12, 2009 3:07 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company