NEWS FROM THE LAB - Wednesday, May 31, 2006

Yahoo Profiles Phishing Redux

Posted by SGMasood @ 12:19 GMT


Regular readers of our weblog will remember a post we made during the first week of May about a Yahoo! Account phishing scam. At that time it was not flagged by any of the popular URL blacklists and URL rating services that we checked it against, in spite of having been around for a significant amount of time. Well, surprisingly, the phishing site (yahoo-members.com) is still active even though the Yahoo! abuse team has reportedly taken action against it. Even more surprisingly, several URL blacklists and rating services still fail to warn against the site even though they were alerted to it weeks ago.

The most likely reason for the longevity of the phishing site is that it was not a widespread attack and it didn't target a major financial service. Hence, it managed to stay under the radar of the blacklists. Since way-under-the-radar spear phishing is the fastest-growing category of phishing, this certainly doesn't portend a good future for most existing anti-phishing measures in the market - considering that blacklisting is currently the most popular method for combating phishing.

We would like to hear what you think are good solutions to combat highly targeted spear phishing attacks. E-mail us at the weblog address listed at the top of this page.