Asavin Wattanajantra's Blog

Microsoft sues firm for instant messaging spam

By Asavin Wattanajantra in Editorial

Posted in instant messaging, passwords, phishing, Microsoft on July 17, 2009 at 4:39 pm


Many people who use Windows Messenger are familiar with instant messages that prompt them to click on a link to spam, or with someone taking control of their account to spam everybody on their friends list.

This has been given the name “SPIM”, and Microsoft is now making efforts to deal with it, taking legal action which alleges that a company called Funmobile conducted a campaign to spim Microsoft customer contacts and undermine their privacy.

Microsoft is asking the court to grant an injunction to stop the activity as well as get monetary damages - hoping to send a message that this isn’t tolerated.

Microsoft alleged that the Hong Kong-based company came up with a scheme targeting customers with messages that appeared to come from the email address of a known friend and invited the recipient to click.

Customers who clicked on the link were then ‘phished’ - asked for their IM username and password to login, and redirected to a porn site or a social networking community.

Microsoft then alleges that Funmobile collected the usernames and passwords to access Microsoft’s systems and customer accounts. Scraping or harvesting the contacts from each of the users, they sent unsolicited bulk emails.

The enterprise view

Michael Remond, chief executive of IM firm ProcessOne, said that Microsoft was right to raise the fight against SPIM, and that it highlighted the dangers of businesses using IM platforms.

He said: “As enterprises increasingly use IM and chat applications for internal and customer communications, security is more important than ever.

“Microsoft and other public IM platforms have a long way to go to be suitable and safe for the enterprise.”


Twitter accounts breached by hackers - again

By Asavin Wattanajantra in Editorial

Posted in social engineering, passwords, cybercrime, hacking, Twitter on May 1, 2009 at 3:37 pm


Twitter has confirmed that it has been hacked again by an outsider, with the French this time claiming responsibility.

According to reports, a person going by the name of ‘Hacker Croll’ managed to access celebrity accounts as well as the account of Jason Goldman, Twitter’s director of product management.

The hacker claimed that they managed to do this with a social engineering technique to access his Twitter account. He or she says they found it by accessing an admin’s Yahoo account to find his Twitter password.

Through screenshot images the hacker claims that they have broken into celebrity accounts belonging to Ashton Kutcher, Britney Spears and Lily Allen.

Reports said that the email addresses of the compromised accounts, mobile phone numbers as well as the accounts the affected users had blocked were accessible. (Kutcher and Allen are said to have blocked celebrity gossiper Perez Hilton).

In response, Twitter co-founder Biz Stone admitted that an outside party had gained unauthorised access, and that 10 individual accounts were viewed. He did say that no password information or personal information was revealed or altered.

Stone said: “Twitter takes security very seriously so we will be conducting a thorough, independent security audit of all internal systems.”

It wasn’t the first, and is unlikely to be the last, problem with hackers that Twitter will have. Back in January an 18-year-old hacker who managed to breach administration systems admitted his guilt, but instead of a social networking attack he had used a self-created dictionary program tool.

One of Twitter’s most famous British followers, Stephen Fry, also fell victim to a phishing attack. Considering Twitter’s rise in popularity, especially with businesses, can it be trusted to keep your accounts safe from intruders?

Sophos security expert Graham Cluley said: “Although many will blame Twitter for not ensuring that its staff followed sensible policies to better secure critical administrator accounts, let’s not forget that the real criminal here is Hacker Croll.”

He added: “They have acted illegally by breaking into these accounts, even if they didn’t do anything malicious.”
