myManila » Yahoo! Phishing Attack uses Geocities

A Yahoo! Instant Messenger phishing attack is using Geocities to lure users to divulge their Yahoo! Login and Password. The phishing attack sends messages like this:

http://www.geocities.com/oxox0o_angel_oxox0o/ ^:)^ guess where this pic was taken and guess who is behind me in the picture

to buddies of accounts they have collected and tricks them into logging into a spoofed Yahoo! Page. The phishing attack then use the new accounts to gather more Yahoo! identities.

In order to prevent your password from being stolen, be very suspicous of unexpected messages from friends on your Buddy List that may have had their identities stolen. You may verify with your friends first if they recently received a phishing attack like this or have been unable to login to their Yahoo! Accounts.

Are you affected?
If you have fallen victim to this attack (i.e. You logged on into the fake page). Change your password, password reminder and keep your back-up email information upto date. If you are unable to login to your Yahoo! account, there is a possibility that you will be unable to recover your password or account.

More Information:
TrendMicro.com - Please Log In � YM Phishing

Comments

Add to 5 comments

nina said:

Peter!
It’s a good thing I read this, because just now, I received a message from two of my friends that fit this perfectly. The URL is http://www.geocities.com/t0_dream/

Posted on Monday, 2 January 2006 7:11 pm

Peter said:

Thanks nina! I’ll forward that additional URL to security engineers.

Posted on Monday, 2 January 2006 10:45 pm

james said:

where do you submit these fake URLs to security personnel?

Here is one I found.

http://www.geocities.com/spicy_2006girl/

Posted on Wednesday, 14 June 2006 1:31 pm

JATTI said:

I WANT TO HACK THE PASSWORDS IN YAHOO CAN ANY 1 HELP ME

Posted on Sunday, 6 August 2006 12:50 am