Yahoo and Hotmail Users also Targeted in Sophisticated Webmail Attacks

Attacks similar to those that recently targeted key Gmail users, were also launched against high-profile individuals with Yahoo! Mail or Hotmail accounts.

Google recently advised users to enable 2-step authentication in Gmail and take other account security precautions, after detecting a major speak phishing attack campaign that targeted government officials, political activists, military personnel, journalists and other individuals with access to sensitive information.

"While there has been significant media coverage of the incident, there has been a variety of recent attacks on popular Webmail platforms.

"In addition to Gmail, Hotmail and Yahoo! Mail have also been targeted. While the attacks appear to have been separately conducted, these have some significant similarities," security researchers from antivirus vendor Trend Micro announce.

For example, Hotmail users were recently targeted via emails that exploited a vulnerability in Microsoft's email service to steal their contact lists and change forwarding settings.

This technique of adding rogue email forwarding addresses allows attackers to easily read their victims' communications and was used in the Gmail spear phishing attacks.

Users are strongly encouraged to regularly check their email forwarding settings for addresses they don't recognize. If any is found, it's a good indication that the account has been compromised and they should immediately change their passwords.

Users should also start using advanced security settings, like two-factor authentication, when available, because they make account hijacking much more difficult even when the password is compromised.

Yahoo! Mail users have also been targeted in a recent campaign aimed at exploiting the webmail service to steal people's session cookies. These files allows attackers to gain temporary account access.

According to Trend Micro researchers, this attack failed, but it does serve as a good reminder that Yahoo! Mail users are being targeted as well. The same sender address was used earlier this year to distribute emails containing malicious PDF and DOC files.