Experts Warn Users of Yahoo Mail about Attacks by Phishing Email Campaign

Softpedia.com reported on 6th May, 2014 quoting a warning by experts as "Yahoo Mail users are advised to look out for emails which are part of a phishing campaign."

The emails entitled: "DSVX Virus Detect in Your Yahoo Mail Account" and read: "We detect dsvx Virus in your Yahoo! Mail account. So it's time to update, before you lose your email access. Your email service won't be affected and you'll keep all your old contacts, folders and messages."

In this case, the name of "dsvx virus" is simply used to scare unsuspecting users into clicking on the attached link in the email.

When Internauts click on the link, they are taken to a Yahoo Mail phishing page which closely replicates the genuine one. In fact, all the links from it point to the genuine Yahoo Mail login page.

However, when users enter their Yahoo! ID and their password and click the "Sign In" button, the information is transmitted to a server controlled by the cybercriminals. Security officials analyzing the phishing campaign explain that to avoid creating any doubts on the mind of victims, they are directed to the legitimate page of Yahoo Mail hosted at mail.yahoo.com.

Disturbingly, it is due to phishing email campaigns of the above discussed types that is leading to a surge in phishing over the Internet, security pundits analyzing the above campaign comment.

To reduce the chances of being victimized by above type of scams, observe the following red flags: Firstly, urgent action required: Fraudsters mostly include urgent "calls to action" to make you react immediately in panic.

Beware of emails containing phrases like "your account will be closed," "your account has been compromised," or "urgent action required". The fraudster is taking advantage of your fear to trick you into disclosing confidential information.

Also, link to a fake website: To trick you into disclosing your user name and password, fraudsters mostly include a link to a fake website (as in this case) which looks like (sometimes exactly same) the sign-in page of a legitimate website (Yahoo in this case).Security experts conclude that just because a site contains a logo of the company or it looks like real page does not mean that it is genuine as logos and the appearance of legitimate websites are easy to copy.

» SPAMfighter News - 5/15/2014