Thursday, November 10, 2005

Yesterday Google, Today Yahoo Users Targeted in Phishing Attack

Yesterday, the good name of Google was being used by the fraudsters to "phish" financial information. Today, Google's main competition "Yahoo" is under attack. Yahoo users are getting instant messages (IM's) telling them their account will be blocked unless they respond to a terms of service (TOS) violation.

The uninformed (unfortunate) person (who responds to this) will be tricked into clicking on a URL that takes them to a malicious (fraudulent) website, where they are asked to provide their login and password information.

This latest scam was discovered by the IMlogic Threat Center, who named it "IM.Marphish.Yahoo."

It's not clear what information will be stolen once this occurs, but that probably depends on what can be accessed on an individual (Yahoo) account. Normally, the goal in these scams is to steal personal and or financial information.

In my humble opinion, the best resource to learn more about phishing and how to protect yourself is the Anti-Phishing Working Group (APWG).

On their website, they have a link that is well worth reading for anyone who wants to learn how to protect themselves; How to Avoid Phishing Scams.

For anyone interested in reading the specific report from the IMlogic Threat Center, feel free to click on the title of this post.

No comments: