phished the other day, and this is so clever that it even worked, even though he's in IT.
In the briefest way possible: double-check any links you get through IMs!!
Details: my friend received an instant message through his Trillian client that appeared to be from a known real-life friend. When he clicked the link, it sent him to what appeared to be a Yahoo! login page. Of course, this being a fraud, when he put in his username and password, they were captured and used to rape his Yahoo! account. Unfortunately he had a lot of emails from financial transactions and other sensitive information.
I really hate this because I like having online backup of my financial information, and I tend to trust Yahoo! -- and capturing and using your friends list just sucks eggs.
However, for the now-alerted, this ploy is as easily transparent as many others. Looking at the actual URL, in the address bar above the window, he was not actually linked to a yahoo.com webpage. Until someone actually working at Yahoo goes over to the dark side we're safe from that!
Meanwhile, know that your friends list may be compromised and check those links...
(no subject)
Date: 2006-03-31 03:41 pm (UTC)
Actually, there have been a number of phish landing pages that used JavaScript exploits to hide the contents of the address bar, so that may not necessarily be the best way to handle it.
Also, in many IM clients, you can send a link that appears to go to one place, but actually goes to another (in much the same way that http://www.yahoo.com (http://hanov3r.com/fake_yahoo.html) doesn't go where you think it does). In Trillian (and probably other IM clients), hovering over link text will display a popup showing the actual destination of the link. Make sure you check where you're going before you get there!
(no subject)
Date: 2006-04-02 02:25 pm (UTC)
Other things one could do:
1. Double-check with any friends who send you random links out of the blue.
2. Keep your business and personal lives separate by keeping any sensitive information on accounts used only for that.
I'm going to be doing both of those! Usually I don't give out the email/IM that leads to the same accounts I use for my phone/credit card/bank -- but now I'm going to double-check to make sure!!!
(no subject)
Date: 2006-03-31 03:55 pm (UTC)
(no subject)
Date: 2006-03-31 04:55 pm (UTC)
One good thing is it doesn't look like the guy that did this did anything to the accounts he captured. Art had a lot of sensitive financial information in his Yahoo, and none of it was touched that we can tell. We changed passwords and such on things like that, but according to the banks nothing has even tried to come through. I think the phisher was trying to screw with Yahoo (take over messenger, overload their systems with "Help me!" messages).
(no subject)
Date: 2006-04-01 03:25 pm (UTC)