SECNAP Network Security Engineers Discover Rash of Hacked Freemail Accounts

SpammerTrap Email Security Technology Detects and Blocks New Spam, Phishing Exploits

Boca Raton, Fla., December 7, 2010 – Engineers at SECNAP^® Network Security Corporation have confirmed a rash of hacked freemail accounts, which hackers are using to spew spam and phishing email attacks.  The security firm began detecting spikes in these exploits over the weekend through its SpammerTrap^® email security technology, and has recorded an 850-percent increase in these spam and phishing emails since Sunday.  SECNAP engineers verified details with several victims who confirmed their Gmail and Hotmail accounts were hacked and used to distribute spoofed emails.

This particular email exploit targets free Gmail and Hotmail accounts with simple, easily guessed passwords.  The emails typically contain one or two links to websites, which analysis reveals to be either malicious sites or legitimate sites that have been compromised for malicious purposes.  Victims checking their Sent folders have discovered numerous emails they profess not to have sent.

“We first detected this email exploit on Sunday, December 5, and now have 72 hours’ of verified data,” said SECNAP chief technology officer, Michael Scheidell.  “The SpammerTrap technology has effectively detected and blocked the onslaught.”

Users of freemail accounts are advised to review their passwords immediately and change them to new, complex passwords.  A complex password contains a combination of uppercase and lowercase letters, numbers, and symbols, and is a minimum of eight characters or longer.  Passwords should be changed at least every 90 days. Users who suspect they may have been victimized should contact their email service providers.

Help is also available on the Internet at links such as http://charlie.griefer.com/blog/index.cfm/2010/11/8/GMail-Account-Hacked.

Email administrators concerned with this latest rash of email exploits should make sure that their email security solution leverages the most advanced technology available, and that recommended settings have been enabled.

SECNAP clients who utilize the SpammerTrap series of appliances, IONSPAM hosted services and Virtual Private SpammerTrap managed services according to the recommended settings are fully protected and need take no action against these exploits.

About SECNAP
SECNAP Network Security develops advanced information technology solutions that enable the secure and private conduct of e-business. The company’s award-winning Email Security and managed Network Security solutions, and ground-breaking Rule18 Email Encryption solution, ensure unrivaled 24/7 protection of information assets. An extensive suite of Security Services includes external penetration testing, internal vulnerability assessments, HITECH, HIPAA, GLBA and other compliance assessments, web application and wireless assessments, social engineering testing, and more. For details, visit secnap.com.