November 9th, 2006


Warning! Yahoo Messenger phishing scam. Don't fall for it!

I just came within a twitch of my thumb of falling for a password-collecting phishing attack and compromising my Yahoo account. I feel dumb, but not really dumb, because I almost fell for it but didn't quite.

  1. I got a YM IM from a friend that just had a smiley and a Geocities URL.
  2. I went to the URL, and it kicked up a Yahoo login page for Yahoo Pictures. I thought, damn, Yahoo keeps wanting me to log in over and over again.
  3. I filled out the username and password, and had the pointer over the submit button...
  4. When I realized that the URL bar hadn't changed, i.e., I hadn't been redirected to * URL, *and* the username hadn't been prefilled, which means that neither the cookies nor the stored password autofiller for Yahoo had recognized the page.
  5. I took the page's HTML apart, and figured out that what it was going to do was email my username and password to some webmail account in a shithole country.
  6. I am guessing that what would happen next is that it would take my Yahoo account info, log into YM, and try to trick everyone on my friends list.
  7. And with my Yahoo account, it can also get into things like Yahoo Wallet!!

If you get a YM from a friend that is just a URL that sends you to a Yahoo login, don't just log in! Check the URL at the top of your browser first, and be watchful and suspicious. Only give your Yahoo password to a real URL.
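
The two checks from steps 4 and 5 (where the page is served from, and where its password form sends what you type) can be automated. The following is an added example, not part of the original post; the trusted domain, host names and sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption for this example: genuine Yahoo logins live under yahoo.com.
TRUSTED_SUFFIX = "yahoo.com"

def host_trusted(url):
    host = (urlparse(url).hostname or "").lower()
    return host == TRUSTED_SUFFIX or host.endswith("." + TRUSTED_SUFFIX)

class LoginFormFinder(HTMLParser):
    """Collect the action of every <form> that contains a password field."""
    def __init__(self):
        super().__init__()
        self.current = None      # action of the form being parsed, if any
        self.actions = []        # actions of forms that ask for a password

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.current = a.get("action") or ""
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            if self.current is not None and self.current not in self.actions:
                self.actions.append(self.current)

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def check_login_page(page_url, html):
    """Return a list of warnings; an empty list means no check failed."""
    finder = LoginFormFinder()
    finder.feed(html)
    warnings = []
    if finder.actions and not host_trusted(page_url):
        warnings.append("password form served from " + (urlparse(page_url).hostname or "?"))
    for action in finder.actions:
        target = urljoin(page_url, action)   # empty/relative actions resolve against the page
        if urlparse(target).scheme == "mailto":
            warnings.append("form mails credentials: " + target)
        elif not host_trusted(target):
            warnings.append("form submits to " + (urlparse(target).hostname or "?"))
    return warnings

# Constructed sample: a look-alike login page hosted off yahoo.com.
SAMPLE_URL = "http://geocities.example/somepage/pictures.html"
SAMPLE_HTML = ('<form action="http://mailer.example/send.cgi" method="post">'
               '<input name="login"><input type="password" name="passwd"></form>')
print(check_login_page(SAMPLE_URL, SAMPLE_HTML))
```

The suffix match requires the host to be `yahoo.com` itself or end in `.yahoo.com`, so a look-alike host that merely starts with `yahoo.com.` is still flagged.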