Phishers get their hooks into IM...
Published: 31 August 2005 11:35 GMT
A website designed to look like an official Yahoo! service offering free games but most likely designed to facilitate ID theft has been discovered by internet security firm Trend Micro.
The fake site, which was still live as recently as today, is being hosted on a Yahoo! Geocities account and asks users to log in with their Yahoo! user ID and password. Once the details are entered, the site displays a slogan "PAGINA HACKEADA - CUIDADO!", which means "hacked page - be careful" in Spanish.
Adam Biviano, senior systems engineer at Trend Micro Australia and New Zealand, said victims are being lured to the website by spam sent over Yahoo!'s instant messenger service. This means a user will receive a message - often from someone on their friends list - telling them to visit the site, which makes the scam more believable.
Biviano said: "It is basically a honeypot to try and attract people there to sign up for online games. I am of the opinion that this is probably just [being promoted] with spam." He conceded the messages could be generated by a virus or other malware, adding "viruses making use of instant messenger are becoming far more popular".
According to Biviano, the site only has one purpose - identity theft.
"This is really showing that identity theft is where the next big threats are heading. The only reason for this site to exist - it is not stealing credit cards or taking any money off you in any way - it is just after personal details," he said.
Yahoo! was unavailable for comment.
Instant messenger applications have been attacked on a regular basis over the past year with various viruses and worms taking advantage of users' focus on malicious email-based attacks.
Last week, a variant of the Kelvir worm attacked users of Microsoft's MSN Messenger service in 10 different languages - depending on the user's system setting.
This attack came just weeks after the Opanki worm attempted to infect instant messenger users with a malicious file disguised as a version of Apple's iTunes application.
Munir Kotadia writes for ZDNet Australia
On-line games Developer - Flash, Actionscript 3, Java, C++, web, iphone - London to 45000 Brilliant on-line games software house with massive growth ...
Skills to include: C++, PS3, XBox, PC, games or graphics Here is an opportunity for game systems programmer to work for a company based in London who ...
Or Grand Theft? We’re getting close, part of the coolest film production houses in the know universe, they seek talented C++ graduates with a ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business
Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...