Phishers Target Yahoo! Messenger

[Jeff]

By Munir Kotadia
CNET News.com

Yahoo's free instant-messaging service is being targeted by phishers attempting to steal usernames, passwords and other personal information.

Yahoo confirmed Thursday that its service, Yahoo Messenger, was being targeted by a scam. According to the company, attackers are sending members a message containing a link to a fake Web site. The fake site looks like an official Yahoo site and asks the user to log in by entering a Yahoo ID and password.

The scam is convincing because the original message seems to arrive from someone on the victim's friends list. Should the recipient of the phishing message enter his details on the Web site, the attackers can gain access to any personal information stored in the victim's profile and, more important, access to the victim's contact list and IM friends list.

A Yahoo representative told ZDNet Australia on Thursday the attack was not very widespread but that consumers should be aware it exists so they can protect themselves.

Source: CNET News.com

[Oreo]

I think a number of people have been duped by it...they've posted here about it. Though, who knows...that could be a whole different scheme. The important thing is to think before you click. If you were not expecting a link from some one...don't click on it. If it's important enough they can always send it again. :)

[rizzo]

listen, from what i know stay away from all geosites websites, you dont even have to enter a user and password , they got you.

[UnSaKreD]

This has been going on for years.

It is the easiest way to steal a username and password, and Yes. You do need to enter the Username/pass to have it stolen.

The webpages are generally yahoo! photo logins.

I still can't believe people are falling for it.

If it doesnt say yahoo in the adress bar, then don't put in your yahoo user / password!

[neo_ny_23]

Ah this has been going on for too long. Even I have created couple of websites like that for the sake of it (not to fool any one but just to see how it works). There are three ways one can detect that its a fake login page:

a) First look for the complete address on the address bar. If its something like http://geocities.yahoo.com/someuser/yahoologin.html then obviously you can tell that its a fake website. Look for the address first.

b) Usually, phisers use free website services and free website builders usually put advertisements on the websites. So it means when you go to the fake login screen, you will see many advertisements flying around there.

c) If you are suspicious that some page might be a fake login, try entering a fake user id and fake password. After hitting enter, you will know yourself whether the login page is valid or not.


I hope this helps.

[UnSaKreD]

Excellent suggestions neo, couldnt have said it better myself.

Although, the address bar can be tricked, there was an old IE 5-6sp1 exploit to change the address bar. I made a fake login page w/ that totally spoofed a login screen.

Best bet is to use a fake id and pass, just to see what it does, or view the source code to find out if it uses the http://login.yahoo.com in the form post.

[fissitagain]

OK, they got me..I had had the old account for about nine or ten years, changed Jobs a couple times, had a few computer crashes, had my address changed, as well as my numerous changes in my life..The bottom Line is that i have no record of what my original information was..and I miss my friends..i tried searching for them by the information that i know, vbut the new messenger , as far as i know does not let me do this..I can telephonea couple of them but the rest think I have abandoned them..Can you tell me how to find my old friends and addresses?