IM account info found online

Security firm Symantec has warned that information relating to instant-messaging accounts such as email addresses and passwords can be easily found online.

The company found that a simple web search was all that was required to reveal the information for thousands of instant-messaging accounts.

"It was discovered that people’s IM account information is available online by searching keywords such as '[IM USERNAME] password txt filetype:txt'," Trevor Mack of Symantec wrote on the company's blog.

"Hundreds of search results are returned containing the details of the requested information. Moreover, some of the information has proven to be valid," continued Mack.

The information was gathered by cybercriminals using Trojan horse-type malware, said Symantec.

Typically, a surfer would be presented with what looked like the login interface for an instant-messaging client and enter their passwords, unwittingly passing on the information to the cybercriminals.

"To prevent such a security incident from happening, always download the IM application from the official website. Avoid downloading altered versions with alleged add-ons or fancy functions from unauthorised third-party websites," warned Mack.