Spammers breach security to hijack email accounts

By Andrew Koubaridis

Photo / Thinkstock
Photo / Thinkstock

Hundreds of New Zealanders have had their email accounts hijacked by "savvy" spammers.

It isn't known how the Yahoo Xtra email security was breached. But once it was, emails were sent to everyone on the users' contact lists asking them to click on a link.

Telecom - which uses Yahoo for its email service - said it was "a suspected phishing issue".

Phishing is a tactic used by scammers pretending to be legitimate sources to get confidential information such as passwords, usernames or even credit card details.

Telecom spokeswoman Jo Jalfon said the problem arose on Saturday afternoon. "Some customers reported experiencing bounced emails and noticed emails were being sent to their contact list after opening suspicious emails."

The company said they were told early yesterday that the issue had been resolved, but emails continued to be sent throughout the day and customers were being told to change their passwords to stop more issues.

"Despite the huge focus Yahoo! puts on email security, spammers are internationally becoming increasingly savvy," Ms Jalfon said. "Telecom advises its customers to routinely change their password to further reduce the risk of their email account being compromised in any way."

She said 150 customers had called to say they had opened the email but it was impossible to say how many were involved in total because some would have just deleted the suspicious email when they received it.

One customer was unhappy Xtra sent no notification of a problem. "Why did they not tell us when they knew their system had been got into?"

A recorded message from Xtra said the problem had been fixed but it was too late for those who were unaware.

Telecom said customers noticed the problem when emails starting bouncing back and emails were being sent to their contact lists after they opened them. But one Xtra customer said he was still affected although he did not click on the link and hadn't used his account for a month.

Last July, 39 Yahoo Xtra users had their email passwords and logons stolen. Ms Jalfon said users should contact Broadband Helpdesk on 0800 225 598 about any problems.

- NZ Herald

© Copyright 2014, APN New Zealand Limited

Assembled by: (static) on production apcf01 at 25 Oct 2014 07:18:45 Processing Time: 28ms