BEWARE - Phishing URL being received thru Yahoo! IM's



Prrkitty
11-14-2006, 05:20 PM
If you’ve received the following URL link from either myself or anyone thru Yahoo! IM in the last week or so and you clicked on the link and tried to log in with your Yahoo! username and password... CHANGE YOUR PASSWORD IMMEDIATELY!


http://www.geocities.com/isyourfriendneartoyou3/


This site is actually a “phishing” site... someone set it up to “look” like it’s a valid Yahoo! page ... asking for your Yahoo! username and password. But when you enter your info it doesn’t let you log in. And ultimately they’ve just “captured” your Yahoo! username and password.

Please pass this on to others so they know what is going on. I’m sorry if you got caught up in this. These people are unscrupulous and ultimately need to be strung up by their... well... you get my point. <blah>

Yes Paul and I (and several others I know) fell for this... :( And yes we've all changed our Yahoo! password...

Don't people have anything better to do than to create crap like this? I mean honestly... what can they "steal" from a Yahoo! account? Aren't most accounts free?

ShadowTiger
11-14-2006, 05:45 PM
First of all, Prr, rather than saying "DO NOT CLICK THIS LINK" to either side of it, you may as well do the following to the link:


http://www.geocities.com/isyourfriendneartoyou3/




Post that in place of the link, and it won't parse into something clickable.


Thanks for the warning; I haven't been contacted, and I'm always suspicious of links that anyone gives me. Good to be paranoid sometimes. :p

Prrkitty
11-14-2006, 05:53 PM
Thanks ST. :) Apparently it's been going around thru friends of mine in Yahoo!... between many of us.

AtmaWeapon
11-14-2006, 06:54 PM
This is a pretty good time to learn that you never, never, never, never, never, never, never under any circumstances put any personal information into a site that you visit by link.

Email, IM, IRC, and any other text communication format are inundated with links such as this. I get emails every day from credit card companies I don't even have cards with that link to sites that look perfectly legit until you notice the url is something like "http://www.ugievinfo.com/www.citibank.com/index.php". Every day some sucker loses his identity because he ignores the daily news flash that such sites exist. He posts his warning and minutes after reading it some other sucker falls for the same ploy.

You've got to be paranoid and trust nothing other than a site address you have typed yourself.

If I get a phone call about personal business I politely decline to give them personal information, then call the customer service number myself and inquire about the problem. If I get an email with a convenient link to my account login, I ignore it and type the address by hand like I always do. If I get an IM from the representative of whatever service, I tell them to send their request to the email I signed up with and block them. Taking a few simple measures keeps you safe.

Gerudo
11-14-2006, 07:01 PM
If anyone you don't know IM's me, I ask who they are. If I don't know them, they get blocked. I generally discard all emails I am not expecting as well.

I guess this is the short version of Atma's post.

Prrkitty
11-15-2006, 02:58 AM
Paul and I both received the links from people in Yahoo! that we trusted. And seems these same people we trusted received the link from us. They trusted us so they clicked the link and tried to view it.

Both of us looked the "page" over... didn't see anything wrong with it and just went with it (much as we both know better). Many others did the same thing as we did... looked at the page... it looked valid and went with it.

Blah...

Thunderbird
11-15-2006, 09:58 AM
I have to admit that had I gotten a link, I might have fallen for it. But, since Yahoo is the least used IM client of mine (I do use it because GAIM supports it, but it's been ages since I've actually talked to anyone on it), I haven't gotten any phishing links from it.

If I get IMs from people I don't know, I usually wait for them to tell me who they are before I respond (on very rare occasion I will ask directly).

AtmaWeapon
11-15-2006, 12:47 PM
> Paul and I both received the links from people in Yahoo! that we trusted. And seems these same people we trusted received the link from us. They trusted us so they clicked the link and tried to view it.
>
> Both of us looked the "page" over... didn't see anything wrong with it and just went with it (much as we both know better). Many others did the same thing as we did... looked at the page... it looked valid and went with it.
>
> Blah...

Oh I'm not accusing you, just pointing out what you should learn from this. It seems like you were the victim of either a virus or one of the other schemes people set up so they can inject phishing URLs into IMs.

I reiterate: even if Jesus Christ Himself were to send me a link to one of my account pages, I'd still ignore the link and navigate to the account information page the same way I always do. The ways to disguise the source of the message are too numerous to take a risk and I'd hate to fall prey to a false prophet.

{DSG}DarkRaven
11-15-2006, 12:54 PM
If you know what to look for, it's easy to spot almost any phishing scam out there, whether by e-mail or by IM. Yahoo mail does an excellent job of screening out spam, much better than hotmail (which doesn't do a half bad job anyway), so I hardly ever have problems from there. IM is usually too easy to spot, because people I don't know pop up with links, and that's a tell-tale sign.

Anyway, follow these rules and you'll be okay 98% of the time:


1. Always check the spelling. Spam bots, whether through IM or e-mail will almost never spell everything correctly, because the spam filters will detect them if they do. Usually, they detect them if they don't, but some slip by. Check all of the simple characters, such as L's, I's, and O's. You'll often see zeroes or capitalization errors for the latter, and the number one or the "|" character for the former two (shift + forward slash).

2. Always check the links. I don't always hand type things like Atma suggests, but I'm careful to check the link before I click it. Fake links will often have non-standard suffixes (not ".com", for instance; things like ".cn", ".de", ".jp", etc.), or start with crazy addresses. Lots of e-bay scams come to my box with IP addresses in the front of the links, or other crazy prefixes. Odds are, if the link looks suspicious, it's a fake.

3. Think about what the communique is asking. Do you have an e-bay, pay pal, or citibank account? Have you accessed it recently, and possibly provoked this e-mail? Often times, unless you are engaged in activity such as auctioning something, online bill paying, or other situations where you specifically ask the website to contact you, a consumer site will not contact you unless you contact them first (i.e. buying something, requesting info, etc.).

4. Use common sense. Almost all sites that deal with personal information, or require you to log in for any reason have a policy about not contacting users for information through e-mail or any other means. Websites only send information, not request it.

Prrkitty
11-15-2006, 04:24 PM
Atma... I've learned my lesson... the hard way.

DarkRaven... took notes of your comments and for the future will use them.

But... taking the example of the link from this very thread... there wasn't anything misspelled, misused or looked out of place.

I fell for it once... won't fall for it again.

ctrl-alt-delete
11-15-2006, 04:37 PM
Username: Eatadick
Password: Phisher

Heh. Glad to hear you learned your lesson, Prr.

AtmaWeapon
11-15-2006, 08:00 PM
> But... taking the example of the link from this very thread... there wasn't anything misspelled, misused or looked out of place.

Except that the site is spoofing http://photos.yahoo.com from a geocities domain. Yes, Yahoo owns Geocities, but every yahoo service I can think of is located on a subdomain of the format service.yahoo.com.

Never trust a link, period.

*edit* I think it's a nice touch that the only deviation from photos.yahoo.com is the graphic in the upper left to help protect you from phishing.
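
The host check described in the posts above (is the link's hostname really service.yahoo.com, or does the brand name only appear somewhere else in the URL, or is the host a bare IP address), as an added example that is not part of any post in this thread. The `TRUSTED` allowlist and the finding labels are assumptions made for the illustration; the three sample URLs are the ones quoted in the thread.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: brands the reader has accounts with, mapped to the domain
# each one really uses (hypothetical allowlist, edit to taste).
TRUSTED = {"yahoo": "yahoo.com", "citibank": "citibank.com"}


def is_under(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    return host == domain or host.endswith("." + domain)


def is_ip_literal(host):
    """True when the host part is a raw IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_link(url):
    """Return reasons not to log in via this link ([] = host is an expected one)."""
    host = (urlsplit(url).hostname or "").lower()
    findings = []
    if is_ip_literal(host):
        findings.append("ip-literal-host")
    if not any(is_under(host, d) for d in TRUSTED.values()):
        findings.append("host-not-trusted")
    # Brand name in the path or in left-hand labels proves nothing:
    # only the right-hand end of the hostname decides who serves the page.
    for brand, domain in TRUSTED.items():
        if brand in url.lower() and not is_under(host, domain):
            findings.append("brand-outside-host:" + brand)
    return findings


if __name__ == "__main__":
    for sample in (
        "http://www.geocities.com/isyourfriendneartoyou3/",
        "http://www.ugievinfo.com/www.citibank.com/index.php",
        "http://photos.yahoo.com",
    ):
        print(sample, "->", check_link(sample) or "host is expected")
```

An empty result only says the hostname is one you expect; it says nothing about how the link reached you.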

Skulkraken
11-16-2006, 06:34 AM
My parents got an Ebay phishing e-mail a long time ago. They were suspicious of the message, so they asked me to look it over before they clicked on anything. It was obvious that it was coming from a scammer (due to the address), so I had them notify Ebay's anti-phishing service so that they could trace and squelch the person who sent it.

I don't know how IM messages work, but Yahoo probably has a similar service that you can contact if you still have a copy of the message.