[ISN] Phishers hijack IM accounts

From: InfoSec News (alerts@private)
Date: Mon Oct 16 2006 - 23:29:30 PDT


http://news.com.com/Phishers+hijack+IM+accounts/2100-7349_3-6126367.html

By Joris Evers
Staff Writer, CNET News.com
October 16, 2006

In a twist on phishing, cybercrooks are hijacking instant-messaging 
accounts to lure people to their information-thieving Web sites.

Traditional phishing scams send out spam e-mail that contains links to 
fraudulent Web sites. These sites try to trick people into giving up 
sensitive information, such as credit card details, Social Security 
numbers or login credentials for online services.

In a tactic that includes an arsenal of online weapons, scammers are now 
also commandeering IM accounts to spread their bait. The barrage of 
attacks used includes account hijacking, phishing and SPIM, or spam via 
instant messaging.

On Friday, for example, a Yahoo employee found that scammers had used 
her account. They sent her Yahoo Messenger contacts a link to a phishing 
site. The miscreants had gotten hold of her login credentials, probably 
through another scam that she had fallen for, the company said.

The link led to a site hosted on Geocities, Yahoo's free Web space 
service. The fraudulent site looked just like a Yahoo Photos Web site 
and asked visitors for their Yahoo login information. Yahoo took the 
scam site down on Friday morning.

"These hackers are super-devious, and we try to stay as much ahead of 
them as we can, but it is an industrywide issue," a Yahoo representative 
said Monday.

Education is important in battling the problem, the Yahoo representative 
said. As part of that, people should know not to blindly trust links 
received in IM, even if the link comes from a friend. Such links could 
be part of an IM worm or, as happened on Friday, bait for a phishing 
scam.

In August, Yahoo launched a new security feature that lets people 
customize their login page, a measure designed to thwart phishing scams. 
The feature requires the user to create a unique "sign-in seal" on a 
specific PC. This seal--a text message or photo--will be displayed on 
the Yahoo login page when visited with that key.

Phishing is one of the most common online threats. In August, 26,150 
phishing Web sites were reported to the Anti-Phishing Working Group, a 
cross-industry group established to fight phishing.

Copyright 1995-2006 CNET Networks, Inc. All rights reserved.

