Do you know about 10 biggest email blunders of 2009?
Trojan Horse
empties bank accounts
In September, it
was reported that a banking Trojan horse, dubbed URLZone, had thwarted fraud
detection systems, to enable software to actually steal money while users are
logged in to their accounts and display a fake balance. Victims’ computers were
infected either by clicking on a malicious link in an email or visiting a website
that has been compromised with hidden malware. The Trojan also kept a log of
the victim's bank account login credentials, took screenshots, and snooped on
the user's other Web accounts, such as PayPal, Facebook, and Gmail.
FBI forgery
The wife of FBI
Director Robert Mueller banned him from online banking after he nearly fell for
a phishing scam. Mueller received a seemingly legitimate email from what he
thought was his bank, which prompted him to verify some information. He even
went as far as filling out some of his personal information before realizing it
might not be a great idea.
Hotmail phishing
Most recently, more
than 10,000 Hotmail accounts were compromised in October and passwords were
posted on several websites where developers typically share programming code.
News site Neowin reported it had seen part of the list, which has since been
removed, and notified Microsoft of the issue. In this phishing scam, hackers
sent out legitimate-looking emails under the letterhead of banks, eBay and
other institutions, telling consumers they needed to reset online passwords to
their Web sites for security purposes.
Start-up suicide
Back in September,
social media advertising and applications start-up RockYou, sent out a mass
email to their customers and associates announcing their new site redesign, but
instead of using BCC:, they displayed the entire mailing list of over 200 email
addresses in the CC: field. Not surprisingly, many of those addresses ended up
on a spammer’s list.
Judge orders gmail
account deactivated
In August,
Wyoming-based Rocky Mountain Bank mistakenly sent names, addresses, social
security numbers and loan information of more than 1,300 customers to a Gmail
address. When the bank realized the problem, it sent a message to that same
address asking the recipient to contact the bank and destroy the file without
opening it.
Payroll panic
Payroll processor
PayChoice was the victim of a website breach in which customers received
targeted emails purporting to be from the company, but were designed to trick
people into downloading malware. Workers received emails that directed them to
download a browser plug-in or visit a website to continue accessing the
onlineemployer.com PayChoice portal.
Tax terror
Britain’s tax
authority, HM Revenue & Customs, issued a warning about a rash of scam
emails that used convincing (but fake) government email address in an attempt
to lure recipients into divulging their personal information to receive a tax
refund.
UCSD fake-out
|