Cyber Extortion via Web Mail


...Unlike previously documented cases (where end-users were infected with malicious code, certain file types were encoded or encrypted, and a ransom message was left on the machine), this attack compromises users' online web mail accounts. When end users logged into their web mail accounts (in this case Hotmail), they noticed that all their 'sent' and 'received' emails were deleted along with all their online contacts. The only message that remained was one from the attacker that requested they contact them for payment in order to receive the data back.

In this case, the end-users had recently visited an Internet cafe where their credentials may have been compromised. WebsenseŽ - Security Labs Alert: Cyber Extortion via Web Mail

Linked by shanmuga Tuesday, 12th December 2006 11:48PM