Phish­ing fin­gered for ma­li­cious spam at­tack on Ya­hoox­tra email

Matamata Chronicle - - News -

Tele­com says nei­ther it nor out­sourced email provider Ya­hooX­tra are re­spon­si­ble for a mas­sive mal­ware at­tack on Kiwi in­ter­net users that be­gan over the week­end.

Many in­ter­net users have re­ceived rogue emails from friends and col­leagues who are Ya­hooX­tra cus­tomers, con­tain­ing links to web­sites that are de­signed to in­fect their com­put­ers with mal­ware.

Tele­com said a so­phis­ti­cated phish­ing at­tack on its cus­tomers, rather than any breach of Ya­hooX­tra’s own se­cu­rity, ap­peared to be re­spon­si­ble.

Telecom­mu­ni­ca­tions Users As­so­ci­a­tion chief ex­ec­u­tive Paul Brislen said a ‘‘sig­nif­i­cant’’ num­ber of Ya­hooX­tra cus­tomers – pos­si­bly in the thou­sands – ap­peared to have had their com­put­ers com­pro­mised.

Mr Brislen ex­pla­na­tion un­likely as

said Tele­com’s ap­peared the vic­tims in­cluded many pro­fes­sion­als who he would not nor­mally ex­pect to fall for phish­ing scams.

But Tele­com spokes­woman Jo Jal­fon pointed the fin­ger in the di­rec­tion of a phish­ing scam that was also re­ported to have af­fected Google, the world’s largest email provider, that was out­lined in a Wha­le­oil blog.

The per­pe­tra­tors of that scam ap­peared to be able to ‘‘guess’’ email ad­dresses that might be known to oth­ers and in­cluded them in the ‘‘To’’ field of the phish­ing emails – mak­ing it more likely re­cip­i­ents would trust and open them.

That mal­ware at­tack had ‘‘or­gan­ised crime writ­ten all over it’’, ac­cord­ing to the blog, and ap­peared de­signed to steal peo­ple’s credit card de­tails.

Ms Jal­fon said it did not know how many cus­tomers had been af­fected.

It ad­vised those who had been hit to change their Xtra pass­words.

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.