Yahoo Instant Messenger has been used to spread a phishing scam designed to steal username and password information from users. The scam is then spread further using the user's contacts list.
First detected on Friday in the US, the IM arrives from someone in your contact list with a link to a Geocities Web page and smiley faces surrounding the link. When clicked on, the link opens a page that looks like a legitimate Yahoo 360 sign-in page.
Yahoo is investigating the matter and will take down the Geocities Web site if it is perpetrating a scam, a Yahoo spokeswoman said. Geocities is Yahoo's free Web space service. Yahoo also will add filters to the Messenger system to prevent the malicious link from being propagated, she said.
Phishers often use smiley faces and other emoticons to make the victim feel that the IM is safe. Geocities sites are often used in phishing scams. Such scams are not new and are becoming increasingly more common.
IM users should not blindly trust links they receive even if the link comes from a trusted source or friend. Users should confirm that the person behind the IM account actually sent the link and that it is legitimate.
If you are duped, immediately change your password and notify your Yahoo IM contacts about the malicious IM. Yahoo users also can customize their Yahoo log-in page with a security seal so they will know that the site is legitimate. Yahoo has provided more information here.
