See your link here
October 12, 2007 - 6:09 P.M.
Phishing via instant messaging
I just got an IM from a buddy. He told me to go to www(dot)geocities(dot)com(slash)picc_81(slash)index.htm
This appeared to be a Yahoo 360 login page. "Odd," I thought, "Why do I need to login to see a Geocities page? And anyway, aren't I already logged into Yahoo?"
Let's view the source. Oh. It sends the login credentials to a script on www2.fiberbit.net -- looks like it emails them to ggeocitiees@gmail.com
Nice job, phish boy.
I've reported it to PIRT, the Gmail guys, and the Google Safe Browsing folks.
Now to contact my buddy and give him the bad news...
Reply
Print
Email this
Digg this
