AOL Email has been hacked, or at least somewhat hacked. If you get a suspicious email from an AOL user it is recommended you don’t open it, and delete it immediately.
AOL, the somewhat still popular email service is experiencing a large compromise in users accounts. It is unclear on how many users accounts have been compromised, but a portion of users online have noted their accounts were comprised and used to send email spam. Even emails that have been dead for years are confirmed to be sending spam emails.
AOL has acknowledged the hack as of yesterday and noted that user accounts are most likely not hacked. Instead, they claim its a large scale spoofing attack. AOL has noted they are doing everything they can to resolve the issue.
“AOL takes the safety and security of consumers very seriously, and we are actively addressing consumer complaints,” AOL said in a recent statement regarding the attack. “We are working to resolve the issue of account spoofing to keep users and their respective accounts running smoothly and securely.”
Spoofed emails are spam emails seemingly coming from a certain user account, but are begin sent by an attacker. A spoofed email could be an attacker posing as a friend or company to get you to input sensitive data or click on a malicious link. Inside your inbox the email will appear that it is genuinely from that email address. Email spoofing has been one of the longest lasting attack methods cyber criminals have used to gain unauthorized access to accounts. Cyber criminals can steal emails, bank accounts, and various other sensitive credentials with such attacks by acting as someone they are not. In short, email spoofing is exactly what it sounds, a spoofed email.
As noted, spoof attacks are nothing new, but this campaign has started to pick up on various social media channels. Over the weekend till now the hashtag, #AOLhacked, has been surfacing Twitter.
As spoofing and hacking are a bit different, there is not much any AOL email user can do. To spoof an email, the attacker does not need to know anything other than your email address. AOL users can delete their email and remove their address book, but attackers already have this information and are utilizing it.
AOL noted on their Twitter (@AOLMailHelp) “Once your account if spoofed, there is nothing else that can be done.”
Analysts suspect that AOL mail may have suffered an address book webmail exploit. Web designer and programmer, Brian Alvery, agrees.
“When you load [AOL’s] webmail interface your browser makes several calls into AOL for data. One is to login. Another is to load all the messages in your inbox. Another is to load your address book so you can a) see who your friends are and b) easily send them email, auto-completing addresses as you type them. Each of those data calls should have security checks.” Alvey reported on his blog.
Alvery reports that the attackers may have gained access to an exploit that allowed them to steal users address book without knowing the users password, or someone stole a large list of address books inside AOL.
Some recommended to change your password and/or delete old AOL accounts that may have been compromised, it is unsure if this will help stop the massive spam campaign. The ongoing attack has not been fully account for, but is under investigation.