Attackers compromise email accounts using password recovery scam
Gmail, Hotmail and Yahoo Mail accounts are being compromised as part of a highly targeted social engineering scam involving text messages – and all the attackers need to pull it off is an email address and a mobile phone number.
Using Gmail as an example, Symantec's Slawomir Grzonkowski explained in a Tuesday post that an attacker goes to the login page, enters the target's email address, and then clicks the 'Need help?' link meant for users who have forgotten their passwords.
The attacker then chooses the option to text a verification code to the target's mobile phone, and sends a follow-up text message to the target explaining that unusual activity has been detected on the account and the target should respond with the verification code.
Responding enables access to the email account, and the attackers appear to be going after information, the post indicated.