Those dastardly phishers have been up to their tricks again, and this time it seems they reeled in over 30,000 email passwords.

The BBC is reporting that a phishing attack first reported yesterday, and thought to be limited to Hotmail, has actually proven to be even larger than first suspected.  The account holders that were hit in the latest attack came from Hotmail, Gmail, Yahoo, AOL, Comcast and Earthlink.

The phishers used fake web sites to lure people into using their passwords to “log in”, but in actuality they were capturing those passwords for nefarious uses.  The total list of the captured accounts and passwords were later posted on a web site for hackers to download.  The list has since been removed, but it is highly probable that multiple copies were downloaded before that action was taken.

Google was the quickest to respond, and has pinpointed the affected Gmail accounts.  All of those account holders have been contacted and instructed to change their passwords after having a forced reset done on them by Google.

A Google spokesperson said to the BBC:

We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts.  As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.

This is not viewed as a security breach by any of the companies as in all of the cases the users had to take an action to use their passwords.

Remember to always protect your password, and if you have to create a new one, make sure it is a strong password.