Phishers hijack IM accounts - News - Security

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

Phishers hijack IM accounts

By Joris Evers, CNET News.com
October 17, 2006
URL: http://www.zdnet.com.au/news/security/soa/Phishers-hijack-IM-accounts/0,130061744,339271681,00.htm

In a twist on phishing, cybercrooks are hijacking instant-messaging (IM) accounts to lure people to their information-thieving Web sites.

Traditional phishing scams send out spam e-mail that contain links to fraudulent Web sites. These sites try to trick people into giving up sensitive information, such as credit card details, Social Security numbers or login credentials for online services.

In a tactic that includes an arsenal of online weapons, scammers are now also commandeering IM accounts to spread their bait. The barrage of attacks used includes account hijacking, phishing and SPIM, or spam via instant messaging.

On Friday in the US, for example, a Yahoo employee found that scammers had used her account. They sent her Yahoo Messenger contacts a link to a phishing site. The miscreants had gotten hold of her login credentials, probably through another scam that she had fallen for, the company said.

The link led to a site hosted on Geocities, Yahoo's free Web space service. The fraudulent site looked just like a Yahoo Photos Web site and asked visitors for their Yahoo login information. Yahoo took the scam site down on Friday morning.

"These hackers are super-devious, and we try to stay as much ahead of them as we can, but it is an industrywide issue," a Yahoo representative said Monday in the US.

Education was important in battling the problem, the representative said. As part of that, people should know not to blindly trust links received in IM, even if the link comes from a friend. Such links could be part of an IM worm or, as happened on Friday, bait for a phishing scam.

In August, Yahoo launched a new security feature that lets people customise their login page, a measure designed to thwart phishing scams. The feature requires the user to create a unique "sign-in seal" on a specific PC. This seal -- a text message or photo -- will be displayed on the Yahoo login page when visited with that key.

Phishing is one of the most common online threats. In August, 26,150 phishing Web sites were reported to the Anti-Phishing Working Group, a cross-industry group established to fight phishing.