Webconsuls Blog

Friday, February 13, 2009

Yahoo Phishing Hijackings- Be on the Lookout

I have recently come into contact with  a Phishing scheme where an owner of a Yahoo Search Marketing sponsored search account was emailed falsely as Yahoo.  The account owner then logged into this fake page giving the phishing thieves access to that account.  The thief then hijacks the account using someone else's money to pay for advertising until the fraud is captured and stopped by Yahoo themselves.  Whats more is that the thieves even leave the previous advertising campaign active and running so that the owner will not notice any difference until logging in to the account itself.
Similar fraudulent tactics have been widely publicized with eBay.  Again, this is not Yahoo or eBay's doing and that parent company does give all stolen funds back to the rightful owner.  But the best case scenario is a major headache and time wasted researching the issue and dollars lost/refunded.
In conclusion, do not ever log-in to any account of any type using a hyper-link from an email.  Always go to your normal log in page to enter in private information.  I promise you will not notice a difference in the fake and real log in pages- these guys are pro's.  Save the irritation and time.  It can happen to anyone not paying attention.
Here is Yahoo's company line on the matter- http://www.ysmblog.com/blog/2008/12/12/no-phishing-here/

No comments:

Post a Comment

Thanks for your comment!