IMlogic Threat Center reports new instant messaging phishing attack, IM.Marphish.Yahoo, is spreading over the Yahoo instant messaging network attempting to collect end-user login and password information.IMlogic:
WHAT: Industry leader IMlogic (www.imlogic.com) is warning
customers that a new phishing attack, IM.Marphish.Yahoo,
is being broadcasted over the Yahoo instant messaging
network. This new attack sends users a message that
appears to be from the Yahoo "abuse department" and
informs the user that they are in violation of the Yahoo
Terms of Service Agreement. The message informs the user
they must respond to this complaint to prevent their
account from being deactivated, and includes a URL to a
malicious site hosted at the 42.pl domain that redirects
user to a Web page that appears to be the Yahoo login
page.
The phishing attack is propagating from a buddy named
ychat_complaint_dept_6b. It will likely mutate with other
variations of the screen name as it progresses. The yahoo
system will ask for permission to add this buddy to your
buddy list and then delivers the message. This form of
social engineering has been particularly effective
especially with the message focused on a loss of the
service.
IMlogic's Threat Center automatically detected,
quarantined and blocked this latest attack using the
IMlogic Real-Time Threat Protection System (RTTPS). RTTPS
automatically protects against these new, previously
unknown IM threats by providing in depth analysis of
client and message structure, network anomalies, and
message content to identify IM threat propagation behavior
and signatures. This in-depth, real-time analysis allows
the system to predicatively block and validate potential
threats, while immediately protecting the IMlogic Threat
Center Community. IMlogic recommends organizations
strengthen additional security protection by ensuring all
desktop antivirus solutions are updated, the latest
security patches have been applied to all desktop systems,
and that all out of date IM clients have been blocked from
accessing the relevant IM networks.
WHO: Experts from the IMlogic Threat Center can speak with
technology and business reporters, industry analysts,
enterprises, partners or anyone concerned about the impact
of this threat. IMlogic can also offer commentary
involving increased risk from IM worms, phishing attacks
and other security threats related to the growing
popularity of IM use within enterprise.
MORE INFO: Learn more at IMlogic's Threat Center:
http://www.imlogic.com/im_threat_center/index.asp.
Disclaimer (networking) disclaimer - Statement ritually appended to many Usenet postings (sometimes automatically, by the posting software) reiterating the fact (which should be obvious, but is easily forgotten) that the article reflects its author's opinions and not necessarily those of the The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties warranties, n.pl the details of a contract; considered less important than the conditions. Whereas the penalty for breach of conditions is the termination of the contract, the penalty for breach of warranties is payment of damages to the innocent party. with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential con·se·quen·tial adj. 1. Following as an effect, result, or conclusion; consequent. 2. Having important consequences; significant: loss or damage arising from use of, or reliance on, this information. IMlogic, IMlogic products and IMlogic IM Manager are trademarks of IMlogic Corporation and/or and/or conj. Used to indicate that either or both of the items connected by it are involved. Usage Note: And/or is widely used in legal and business writing. affiliated companies Affiliated Companies A situation that occurs when one company owns a minority interest (less than 50%) in another company. Also refers to companies that are related to each other in some way. Notes: An affiliated company is sometimes referred to as a subsidiary. in the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion