I just got an IM from a buddy. He told me to go to www(dot)geocities(dot)com(slash)picc_81(slash)index.htmThis appeared to be a Yahoo 360 login page. "Odd," I thought, "Why do I need to login to see a Geocities page? And anyway, aren't I already logged into Yahoo?"
Let's view the source. Oh. It sends the login credentials to a script on www2.fiberbit.net -- looks like it emails them to ggeocitiees@gmail.com
Nice job, phish boy.
I've reported it to PIRT, the Gmail guys, and the Google Safe Browsing folks.
Now to contact my buddy and give him the bad news.
No comments:
Post a Comment