Yahoo Phishing Mail: A Real Case Study
This article walks through one real case of how a hacker uses a phishing site to steal your ID and password.
First, you receive a mail from “Customer Service” with the subject “Yahoo Mail Update Required!”
If we take a closer look at the sender address, it shows “lbergen@shaw.ca”.
Obviously, it’s NOT from Yahoo. However, if you are reading the mail on a mobile phone, this is very difficult to notice.
Once you click the “Update” link in the mail, it directs you to the phishing site:
rdgdfsd.altervista.org/acctupdate.html
Again, it’s NOT a Yahoo site. In addition, it’s a “.org” URL: phishing sites can be hosted under “.org” as well, not only “.com”.
It also shows a popup window that requires you to sign in again.
As you can see, the site looks exactly the same as Yahoo.
If we use “virustotal.com” to analyze the URL, you will see the detection ratio is 8/61 and getting higher. This means 8 out of 61 antivirus vendors detect this URL as a suspicious site.
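The two manual checks in this walkthrough (the real sender address behind the display name, and the real host behind the “Update” link) can be automated. The following is an added example, not part of the original case material; the trusted-domain list, the http:// scheme and the mail body text are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BRAND = "yahoo"
TRUSTED_DOMAINS = {"yahoo.com"}  # assumption: the allow-list for this brand
# Constructed sample: sender, subject and link are from the article; scheme and body are assumed.
SAMPLE = """\
From: Customer Service <lbergen@shaw.ca>
Subject: Yahoo Mail Update Required!
Content-Type: text/html; charset="utf-8"

<p>Your mailbox needs an update.
<a href="http://rdgdfsd.altervista.org/acctupdate.html">Update</a></p>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []  # href of every <a> tag seen
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def is_trusted(host):
    """True only for a trusted domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def analyze(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    if BRAND not in f"{display} {msg.get('Subject', '')}".lower():
        return []  # mail does not claim to be from the brand
    findings = []
    sender_domain = addr.rpartition("@")[2].lower()
    if not is_trusted(sender_domain):
        findings.append(f"sender domain {sender_domain} is not trusted")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for link in collector.links:
        host = urlparse(link).hostname
        if not is_trusted(host):
            findings.append(f"link host {host} is not trusted")
    return findings

if __name__ == "__main__":
    print("\n".join(analyze(SAMPLE)))
```

The suffix match in `is_trusted` requires a leading dot, so a lookalike host that merely contains or ends with the brand string is not accepted as trusted.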