Users of Google’s Gmail and Yahoo Mail were also targeted in the large-scale phishing attack that harvested at least 10,000 passwords from Microsoft’s Live Hotmail, according to reports.
Neither of the companies’ US representatives responded to requests for information. But in Europe, where most of the Hotmail phishing victims appeared to be located, a spokesman for Google confirmed the targeting of Gmail users.
“We recently became aware of an industry-wide phishing scheme through, which hackers gained user credentials for web-based mail accounts including Gmail accounts,” a Google spokesperson told the BBC.
The British network said it has seen a list of some 20,000 hijacked e-mail accounts that included accounts from Gmail, Yahoo Mail, AOL, Comcast and EarthLink.
“As soon as we learned of the attack, we forced password resets on the affected accounts,” the Google spokesperson also told the BBC. “We will continue to force password resets on additional accounts when we become aware of them.”
The intrusions, which fool users into giving their details to a dummy website, come amid a sharp rise in the number of phishing attacks. According to the Anti-Phishing Working Group some 50,000 mass attacks took place in June 2009, almost double the number recorded in January.