Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishing in Yahoo! Geocities?

Posted by ryuzaki0 on from the what-can-you-do dept.

Van Cutter Romney asks: "I've received a lot of phishing IMs on my Yahoo! Messenger from contacts whose accounts I guess have been hacked into. All the phishing messages lead to Geocities websites like this where the user is displayed a Yahoo! login page. For most people, the page looks legitimate and they enter their Yahoo! username and password (I was nearly fooled once). Since both the website (Geocities) and the messenger belong to Yahoo!, I'd like to know if they are doing to anything to counter these attacks."

2 of 54 comments (clear)

  1. Re:Slashdot asks Van Cutter Romney by L7_ · · Score: 4, Informative

    check the bottom of this page: http://privacy.yahoo.com/privacy/us/security/detai ls.html

  2. Terms of service by Spy+der+Mann · · Score: 4, Informative

    report the webpage and you're done.

    Geocities is a kinda abandoned place (So much that webcomics make fun of it). There's no customer service, everything's automated there. The only thing that (I hope) isn't, is the "report offensive page" etc. The only change done to it was aesthetic and in the code. But the infrastructure remains.

    In other words, geocities servers do NOT have personnel searching and identifying phishing sites on them. They have to rely on the users.

    (This and popup ads led to the fall of free homepages. Most pages now are categorized in specialized sites: webcomics, blogs, art, fiction, and with youtube, videos).

    This was bound to happen sooner or later. Yahoo neglected geocities, is it a mystery that it became a meeting point for illegal activities?