I’ve just received two attempted attacks of phishing from two of my bloggermates in my Yahoo! Messenger contact list. I guess their accounts are being hacked the time I’ve received those messages, so I want to warn those of you who want to protect your accounts.
For those who do not know, phishing literally means fishing [for passwords], as the letter f is usually replaced by ph in 13375p34k. Another definition could be password harvesting or fishing
There are many methods of phishing attacks, usually through email that, most probably, directly goes to your spam directory [if you have any]. But ones through YM or any other IM accounts that really look like your friends are referring to you to go to are somehow really mind-controlling
.
The method I’ve encountered used a spoof of the Yahoo! Photos Web site inside a Yahoo! Geocities Web page requiring you to sign in with your username and password in the attempt to trick you that your friends’ photos are posted post-login. Please take note that Yahoo! Geocities Web pages are user-controlled, meaning other people just made up that Web page.
The two URIs that was given to me was:
Apparently, those two sites that were IMed to me were already reported and were taken down. Some may still be out there, [or are currently being made] so please watch out still.
Note: Do NOT enter your login details there.
If you take a look at both the main frames’ source pages (the frames with the sign in page displayed), you will see that the form input will go to a mailform (http://www2.fiberbit.net/form/mailto.cgi) with the same email address input of smoke.beer@gmail.com. (Now, spam that bastard!) It just means that your login information will go to his GMail inbox.
The primary solutions for this is within you. You should basically:
- Never trust login forms inside a frame of user-controlled Web page.
- Try to login directly from the site, with secure (HTTPS) connection if possible. (e.g., Yahoo! Login, Google Accounts)
- Never trust friends’ URI referrals unless you really know the site or have checked for security flaws/issues.
I know I haven’t fully discussed what could be done to prevent such intrusions to your accounts, you might even want to change your passwords regularly. Just remember to be aware of such possibilities when visiting untrusted Web sites. Or else, you may be giving them permission to hack you.
More about Phishing:
- URL spoofing and phishing on the Spoofing attack Wikipedia article
- Phishing Wikipedia article
Comments
16 responses to “Phishing Warning”
whoow… thanks for the warning…
Oh well! looks real enough! Haha.. I think Yahoo has to be notified! People might actually melieve that these are yahoo’s service sites.
ahh!!! mejo alam ko na toh!!! kasi i’ve been playing Gunbound. tapos as in Zero cash ung account ko dun. then this player asked if i wanted to earn cash instantly just by logging my account info in this certain website that he told me. shempre di ko ginawa. ayun! tapos marami na ngang nabiktima nang accounts.. Gunbound accounts.. as in nawala lahat ng gamit ng players nila, tapos ubos ung gold kasi ginawang gifts for other accounts.. super same thing, un nga lang Gunbound ung alam ko and the ones you’re referring to in your post are hacked yahoo accounts.. hehehe, thanks for the info na rin!! =]
Well, ginamit din ng script kiddie na yun ung fact na Geocities is part of Yahoo! kaya users are most likely to believe na true Yahoo! Login ung page na napuntahan nila.
Maireport nga ‘to sa Google para ma-close yung GMail account niya. Hmm … Asan na ba ‘yung report abuse link duon? ๐
Thank you very much for the warning
Apir!
the other one has been reported na ata? tapos yung isa nagexceed na daw sa bandwidth limit? so it has probably fooled a lot of people. hehe. but when it comes back up, maybe you can report it to yahoo. hehe. ๐
hey really nice site you got here! and thanks for the phishing warning. ๐
ayun! phishing nga. ahihi..nung kinukwento mo sa y!m di ko gets, nagyon malinaw na ahehe.. ๐ naliligaw tlga ako d2 sa pag-comment nasa gilid kasi di ako sanay. ๐
no. it’s really that browser’s fault. shitty IE. i searched google about it. tapos yun. a lot of people are having the same problem. buti kung nasa pinas ako. ok lang kase makakareinstall ng windows. pero dito. no way. 300+ bucks. never never. id prefer saving for a new computer. but it’ll have to wait cause im saving for school and stuff. ๐
Note: Topic from Nicole‘s Wappy 2.8 entry in reply to Aja‘s comment.
Oo nga, kasi strict sa software piracy diyan. Ayaw ko nang magsalita tungkol sa piracy dito sa Pilipinas. Anything I say may be used against me. ๐
Kaya nga sabi ko save for a notebook PC at least bundled yun usually with an OS. Pero … medyo mahal pa rin nga. ๐
Thank goodness my YM account was never hacked. But yes, I’d be more careful this time ๐ I know some friends who’ve been attacked and at first I didn’t believe them… but yea it’s true. Sad. ๐
Hey, I got you linked already. Thanks ๐
That has never happened to me before, but thanks for the warning.
Hey, napanood mo ba yung CSI? sorry mali nasulat ko sa blog ko, 10PM pala sya whoops ^__^
Hmmm … 9PM–11PM naman ako nanood. Tama naman eh. ๐
HIndi pa ko nakaka encounter ng ganyan before e, hehe.. Anyways, thanks for the warning!