Phishing in Yahoo! Geocities?

← Back to Stories (view on slashdot.org)

Phishing in Yahoo! Geocities?

Posted by ryuzaki0 on Tuesday July 11, 2006 @12:50PM from the what-can-you-do dept.

Van Cutter Romney asks: "I've received a lot of phishing IMs on my Yahoo! Messenger from contacts whose accounts I guess have been hacked into. All the phishing messages lead to Geocities websites like this where the user is displayed a Yahoo! login page. For most people, the page looks legitimate and they enter their Yahoo! username and password (I was nearly fooled once). Since both the website (Geocities) and the messenger belong to Yahoo!, I'd like to know if they are doing to anything to counter these attacks."

6 of 54 comments (clear)

Min score:

Reason:

Sort:

I knew there was something strange going on... by walnutmon · 2006-07-11 12:59 · Score: 4, Funny

When I was asked for my username, password, and sexual orientation...

--
You take it, I don't want it...
1. Re:I knew there was something strange going on... by StikyPad · 2006-07-11 15:53 · Score: 4, Funny
  
  When they came for the usernames,
  I remained silent;
  I was not a username.
  
  When they locked up the passwords,
  I remained silent;
  I was not a password.
  
  When they came for people with sexual orientation,
  I did not speak out;
  Because I have no idea what that means.
  
  When they came for me,
  there was no one left to speak out.
  
  --
  https://www.eff.org/https-everywhere
Someone's asleep at the wheel. by Anonymous Coward · 2006-07-11 13:11 · Score: 5, Funny

And yet the worst fishing site on geocities is still up-- since something like 1998? Someone's asleep at the wheel.
Re:Slashdot asks Van Cutter Romney by L7_ · 2006-07-11 13:14 · Score: 4, Informative

check the bottom of this page: http://privacy.yahoo.com/privacy/us/security/detai ls.html
Ummm by Otter · 2006-07-11 13:25 · Score: 4, Insightful

Since both the website (Geocities) and the messenger belong to Yahoo!, I'd like to know if they are doing to anything to counter these attacks.
Maybe I'm missing something, but why the hell are you asking us?

--
What I'm listening to now on Pandora...
Terms of service by Spy+der+Mann · 2006-07-11 13:35 · Score: 4, Informative

report the webpage and you're done.

Geocities is a kinda abandoned place (So much that webcomics make fun of it). There's no customer service, everything's automated there. The only thing that (I hope) isn't, is the "report offensive page" etc. The only change done to it was aesthetic and in the code. But the infrastructure remains.

In other words, geocities servers do NOT have personnel searching and identifying phishing sites on them. They have to rely on the users.

(This and popup ads led to the fall of free homepages. Most pages now are categorized in specialized sites: webcomics, blogs, art, fiction, and with youtube, videos).

This was bound to happen sooner or later. Yahoo neglected geocities, is it a mystery that it became a meeting point for illegal activities?