Hacked Web mail accounts used to send spam
While Websense has seen a rise in spam following the compromise of thousands of Web mail accounts, security experts are split over how the accounts were breached.
There has been a marked increase in the amount of spam e-mails being sent from, according to analysts at Websense Security Labs.
Websense said on Thursday that personalized spam e-mails had been sent from the compromised accounts to all of each user's contacts. The e-mails contain links to fake shopping sites, intended to capture sensitive information from the reader.
Earlier this week, Microsoft acknowledged thathad breached, and suggested the passwords for the accounts had been obtained in a phishing scam.
However, some security experts believe that the password breach cannot be attributed to phishing. Amichai Shulman, chief technology officer for security firm Imperva, told ZDNet UK on Friday that the information was likely to have been obtained through key logging.
"The quantity of people hit makes me think that it was key logging--the success rate for phishing is only about one in 1,000," said Shulman. "Secondly, when I went through the list of email account credentials...
Read more of "Hacked Web mail accounts used to send spam" on ZDNet UK.