10 Biggest email blunders of 2009

[seema]

Remember the time when you sent that gossip mail to your boss accidentally? Thought an email blunder couln't get bigger than this! Take heart you are not the only one, there are people and organisations who can empathise with your sorrow/embarrassment/bewilderment!

Email solutions company Proofpoint recently put together some of the "scariest" email-related blunders, mishaps and threats from this year.

In no particular order, Proofpoint highlights some of 2009's biggest email mishaps.

Similar Threads:

• 15 Biggest technology scandals of 2009
• 20 Biggest Flops of the year 2009
• Biggest Break-ups of 2009
• IPL 2: Biggest Controversies 2009

[seema]

In September, it was reported that a banking Trojan horse, dubbed URLZone, had thwarted fraud detection systems, to enable software to actually steal money while users are logged in to their accounts and display a fake balance. Victims’ computers were infected either by clicking on a malicious link in an email or visiting a website that has been compromised with hidden malware.

The Trojan also kept a log of the victim's bank account login credentials, took screenshots, and snooped on the user's other Web accounts, such as PayPal, Facebook, and Gmail.

[seema]

The wife of FBI Director Robert Mueller banned him from online banking after he nearly fell for a phishing scam. Mueller received a seemingly legitimate email from what he thought was his bank, which prompted him to verify some information. He even went as far as filling out some of his personal information before realizing it might not be a great idea.

He said he barely caught himself in time before falling victim to the scam. As a result, he changed his passwords and tried to pass the incident off to his wife as a “teachable moment.” However, that did not stop Mrs. Mueller from sanctioning Mr. Mueller’s online activities.

[seema]

Most recently, more than 10,000 Hotmail accounts were compromised in October and passwords were posted on several websites where developers typically share programming code. News site Neowin reported it had seen part of the list, which has since been removed, and notified Microsoft of the issue. In this phishing scam, hackers sent out legitimate-looking emails under the letterhead of banks, eBay and other institutions, telling consumers they needed to reset online passwords to their Web sites for security purposes.

It seems that many of the affected account holders could have used a password reset. Security researchers with copies of the exposed passwords reported that "123456" was the most commonly used among them.

[seema]

Back in September, social media advertising and applications start-up RockYou, sent out a mass email to their customers and associates announcing their new site redesign, but instead of using BCC:, they displayed the entire mailing list of over 200 email addresses in the CC: field. Not surprisingly, many of those addresses ended up on a spammer’s list.

Two months later, the start-up sent out another mass email using a mailing list. Unfortunately, the email asked contractors to provide information for their W9 tax forms. This resulted in people inadvertently sending personal information to the entire mailing list.