More about Yahoo Mail phishing

In a previous post, I explained about how Yahoo Mail accounts can be compromised by phishing.

In this blog post, I am going to be brief and just expose the phishing information and hosts used.

Step 1 – Looking at the email

mail-body

 

 

Lots of red flags here, just by looking at the email:

  1. The email sender’s apparent address is weird
  2. The email’s subject is also unusual
  3. The email’s body is also fishy and not true

Step 2 – Revealing the real sender

Click on the sender to reveal the actual email address:

real-sender

 

 

 

 

 

 

 

Now we can see that the real sender is “jcwod@aol.com”. It could be this is the real malicious user or not, but anyway.

When I search for this email on Facebook, I found this profile:

profile

Which in reality could be nothing.

Step 3 – Investigating the link in the email

In step one, the malicious email sender invited you to click on an address to fix the aforementioned “problem”.

Do not click, instead, hover the mouse over the link and look at your status bar. You will see something like this:

phishing-url-hidden

This is a shortened address. In this case, it is used to hide the malicious web address. Let us use the GetLinkInfo.com to reveal the real address:

link-resolved

The address is, obviously, not related to Yahoo! It is: “http://tuckertownforge.com/perfected01/index.html”.

I don’t advise you to go to that address, there could be a browser exploit or equally the phishing site.

The phishing site is supposed to look like Yahoo mail:
yahoo-phishing

DO NOT enter your user name and password on that FAKE SITE!


You may also like:

PayPal account phishing

Depositphotos.com/fabioberti.it
Depositphotos.com/fabioberti.it

In a previous article, How your Yahoo! Mail account can be hacked with phishing – A real life example, I mentioned how Yahoo email phishing can take place. Phishing can take place with any website especially where hackers have a chance to steal money.

I keep receiving PayPal.com phishing emails. The sender pretends to be from PayPal and asks me to take some action and click a link to remedy the situation: “Warning! Your PayPal account was limited!” Continue reading

How your Yahoo! Mail account can be hacked with phishing – A real life example explained

Introduction

In this article, I am going to illustrate a real life scenario where an attempt to hack my email account was carried by fooling me into giving my user name / password through a fake website that looks like Yahoo! Mail.

Such attacks, where the victim is lured into entering information in what looks like an innocent website, are called “phishing attacks”. Wikipedia defines “phishing” as the following:

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication

In the subsequent sections I will show you how the attack is carried, how you can inspect such emails by yourself and then conclude by giving you some safety guidelines. Continue reading