I just read this from Security Fix and Thought I should talk about it some to better help people fix this:
Dear Friend,
New shopping new life!
How are u doing these days?Yesterday I found a web of a large trading company from china,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer most competitive and reasonable price and high quality goods for our clients,so i think we you make a big profit if we do business with them.And they promise they will provide the best after-sales-service.In my opinion we can make a trial order to test that.
Look forward to your early reply!
According to Security, they are advertising the Easylifeing.com domain and have compromised GMAIL and Yahoo Mail. This resembles the ones that happen to some other Accounts. Check [intlink id=”3330″ type=”post”]Yahoo article[/intlink] and the [intlink id=”3233″ type=”post”]Hotmail Article[/intlink] for other example of compromised accounts.
I must keep reminding people that you shouldn’t have a easy password for those account it shouldn’t be anything someone can guess like a name or place or even a word. It should be something with Letters and Number, both lower and higher case. You should also consider not writing it down where people can see it just in case you have visitors. Probably best to use a [intlink id=”2646″ type=”post”]password manager[/intlink] to keep your passwords from prying eyes.
We know that this all comes down to either a dictionary attack or a phishing attack. You can decide which, but I am going to assume it was someone Phishing for your password. If you only use one password for several accounts that can be very dangerous, you should not keep the same password for each account. Just like people phishing for your [intlink id=”2650″ type=”post”]Twitter account[/intlink] or your [intlink id=”3008″ type=”post”]Facebook account[/intlink], if you use one password for all then he has that password for every account.
I can see why spammers are going to be using this heavily in the the coming months to years because these will not be thrown into the spam folder, being that you know the person or persons sending the email. You probably have it set up to not put it in the spam. The more eyes who see this more chance that they will get someone to buy something, and the more people who see it the more money they make.
Your best bet is if you see someone doing something like this you should contact them by phone if possible, or you should email them back and tell them to change there password. This I am sure will be an even harder job for the IT guys because they will have to start monitoring this type of traffic more often then not. Although it isn’t a bad idea to have a[intlink id=”2205″ type=”page”] Free anti-virus or a Free Firewall[/intlink] installed just to be on the safe side.
