Psst... Come hither, Check out my profile
Well, this is certainly a clever new phish.
From: F-Secure Weblog
Psst... Come hither, Check out my profile: "One of our readers has brought to our attention an interesting instance of a popular Yahoo! account phishing scam. This scam takes advantage of the fact that Yahoo! requires members to logon to their account to verify their age before they can view members with adult content in their profile. Users on Yahoo! chat rooms, besides other places, are enticed to click on a link to view a profile. The link leads to a phishing web page that is a spoof of a typical Yahoo! profiles login page hosted on a domain named yahoo-members.com.
[screenshot in original page]
The interesting thing about this domain is that none of the phishing blacklists we have checked seem to recognize this as a phishing site, which is weird because according to its whois record, yahoo-members.com has been around for about six months now.
This is one more reason why blacklisting should be combined with whitelisting - along with trying to catch all the spoofs of Yahoo! websites out there, phishing filters should also tell the users which Yahoo! sites are genuine. This way, when they go to a spoofed site that is " ...
From: F-Secure Weblog
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home