Hotmail Phishing Scam Also Took In Gmail Users

Hotmail users not alone; scheme was 'industry-wide'
By Kevin Spak,  Newser Staff
Posted Oct 6, 2009 2:35 PM CDT
A screenshot of Google's GMail.
camera-icon View 2 more images

(Newser) – Hotmail users weren’t the only ones compromised in the huge phishing scheme that came to light yesterday. Another 20,000 email accounts and passwords have surfaced, bearing addresses from Gmail, Yahoo, AOL and other services, the BBC reports. Google has found a third list but hasn't detailed its contents. Google and Microsoft have described the scam as “industry-wide.”

Google says the info wasn’t found by cracking Gmail’s security, but with “phishing” websites that tricked users into revealing their information. The company has been forcing password resets on all accounts known to be affected. The scheme came to light yesterday when a list surfaced containing the usernames and passwords for 10,000 Hotmail accounts. Experts hope the scam will force people to become more savvy with passwords—for starters, changing them regularly and not using the same one for multiple accounts.