October 07, 2009 07:50am

GOOGLE and Yahoo! have joined a growing roster of web-based email service providers with users
duped by hackers into betraying passwords to accounts.

A day after Microsoft blocked access to thousands of Hotmail accounts in response to hackers
plundering password information and posting it online, the list of victims was growing to include
users of an array of email services. "We recently became aware of a phishing scheme through
which hackers gained user credentials for web-based mail accounts including a small number of
Gmail accounts," Google said.  "As soon as we learned of the attack, we forced password resets
on the affected accounts.”We will continue to force password resets on additional accounts if
we become aware of them." Cyber-crooks evidently used "phishing" tactics to trick users of free
web-based email service into revealing account and access information.  "We are aware that a
limited number of Yahoo! IDs may have been made public," Yahoo! said. Time Warner
subsidiary AOL said it was "closely monitoring the situation".  "Our guidance to users is to keep
your wits about you: do not click on live links, or insert any details into input fields in emails,
pop-ups or web pages if you are not sure where they come from."  Microsoft learned of the
latest problem during the weekend after Hotmail account information of "several thousand"
users, many of them reportedly in Europe, was posted at a website.  The unconfirmed list of
Hotmail accounts compromised by "phishing" has grown into the tens of thousands.  Phishing is
an internet bane and involves using what hackers refer to as "social engineering" to trick people
into revealing information online or downloading malicious software onto computers.  Phishing
tactics include sending people tainted email attachments that promise enticing content such as
sexy photos of celebrities and luring people to bogus log-in pages that are convincing replicas of
legitimate websites.  "Phishing is an industry-wide problem... exercise extreme caution when
opening unsolicited attachments and links from both known and unknown sources, and install
and regularly update anti-virus software," Microsoft said.  Google advises Gmail users not to
"click through" on warnings browsers may raise about certificates nor sign in at Web addresses
that don't start with google.com/accounts. 
Questions:
1. Describe what is happening in the article; explain the social and ethical issues that appear.
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
2. Describe in your own words what ‘phishing ‘is
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________

3. How can people be more vigilant and not fall into these traps on the internet?
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
4. What are some good recommendations for strong passwords?
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________