Friday 12 October 2007

Phishing via Instant Messaging

I just got an IM from a buddy. He told me to go to www(dot)geocities(dot)com(slash)picc_81(slash)index.htm

This appeared to be a Yahoo 360 login page. "Odd," I thought, "why do I need to log in to see a Geocities page? And anyway, aren't I already logged into Yahoo?"

Let's view the source. Oh. It sends the login credentials to a script on -- looks like it emails them to

Nice job, phish boy.

I've reported it to PIRT, the Gmail guys, and the Google Safe Browsing folks.

Now to contact my buddy and give him the bad news.
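
The by-hand check in this post (view the source and see where the login form sends the credentials) can be scripted. This is an added example, not code from the original post: it parses saved page source and reports password forms whose action leaves the page's own host. The hosts and HTML in it are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample (not the page from the post): login form posting off-host.
SAMPLE_URL = "http://pages.example/user/index.htm"
SAMPLE_HTML = """
<form action="http://collector.example/mail.php" method="post">
  <input name="login"> <input type="PASSWORD" name="passwd">
</form>
<form action="/search"><input name="q"></form>
"""


class FormAudit(HTMLParser):
    """Record every <form>: its action and whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._open = None  # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {"action": a.get("action") or "", "password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            if (a.get("type") or "").lower() == "password":
                self._open["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def credential_form_findings(page_url, html):
    """Return (target, reason) for password forms that leave the page's host."""
    audit = FormAudit()
    audit.feed(html)
    page_host = (urlsplit(page_url).hostname or "").lower()
    findings = []
    for form in (f for f in audit.forms if f["password"]):
        target = urljoin(page_url, form["action"])  # empty action = same page
        parts = urlsplit(target)
        if parts.scheme == "mailto":
            findings.append((target, "credentials mailed directly"))
        elif (parts.hostname or "").lower() != page_host:
            findings.append((target, "password posted to a different host"))
    return findings
```

A finding is a prompt to read the target, not a verdict: legitimate sites also post logins to a separate host, and forms submitted by script are not covered.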

