Stockholm Yahoo Mail Account Hit by a Phishing Attack
On April 14, 2010, at around 2:14 pm local time, a user's Yahoo mail account was hacked in Stockholm, Sweden, as per the news published by People's Daily Online on April 14, 2010.
The account of Xuefeic was hacked. She learned about this hack when two of her friends called her to inform that her e-mail ID was being used by some one to circulate information-asking people for money and that she couldn't access her e-mail account any longer.
The text of the phishing e-mail begins with the introduction of the user informing readers of her trip to UK. The text says that she received an emergency phone call regarding her nephew who resides and works in the UK, and was in critical condition. Her nephew was allegedly suffering from kidney failure and needed family support. To keep him alive, a transplant was the need of the hour. So, the email asked the recipients for a loan worth USD 2,500. The message further said that she did not have any idea of the illness, and he was required to be operated at the earliest.
According to the security experts, such scams are nothing new. This scam is just a variation of AFF-Advance Fee Fraud. In fact, to mitigate these scams, AFF Coalition was declared on October 28, 2008. Its founding members, Yahoo! Inc, Microsoft Corp, the African Development Bank, and the Western Union Company made this announcement to increase awareness among the consumers worldwide regarding the threat posed by fraud e-mails.
Yahoo says that the users, by setting up personalized Yahoo! sign-in seals, can easily combat password theft. Whenever a user signs into Yahoo, his sign-in seal will be visible, and if the sign-in seal is not there, it's most likely to be a spoof page designed by a phisher. Moreover, this security seal is connected to the users' system, and not Yahoo! ID. Therefore, the user has to create a Yahoo! sign-in seal for each system which is in use.
» SPAMfighter News - 26-04-2010