Google recently reported that hackers had tried to get into hundreds of Gmail accounts, including those of government officials, activists and reporters, using a method known as spearphishing in the attempt to gain user passwords. Firm Trend Micro uncovered targeted attacks on both Yahoo and Hotmail as well.
Hotmail was assaulted by attacks that could transmit malicious code to users even when they simply previewed emails and didn't open them, said Trend Micro. Yahoo was reportedly hit by attempts to steal users' cookies to sign into user accounts, as well as attacks using malicious Microsoft Excel sheets.
"Attackers are also attempting to exploit vulnerabilities in popular Webmail services in order to compromise Webmail accounts, to monitor communications, and to gain information in order to stage future attacks," researcher Nart Villeneuve wrote. "These attacks can be difficult to defend against because these often appear to come from recognizable sources. However, there are some clues that can help identify phishing email messages. There are generally spelling and grammatical errors present in the messages that help indicate that it did not originate from the expected source."