• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

IMlogic Threat Center Reports Yahoo! Instant Message Phishing Attack Has Mutated in an Attempt to Steal User Credentials and Gain Access to Personal Information

Posted on: Monday, 12 December 2005, 12:00 CST

WHAT: Industry leader IMlogic (www.imlogic.com) is warning customers that a Yahoo! instant messaging phishing attack, IM.Marphish2.Yahoo, is being broadcast on the Yahoo! instant messaging network. This phishing attack is a mutation from the recent IM.Marphish.Yahoo attack. Users receive an instant message that appears to be from the Yahoo! "abuse department" and informs the user that they are in violation of the Yahoo! Terms of Service Agreement. The message informs the user they must respond to this complaint to prevent their account from being deactivated, and includes a URL to a malicious site hosted at the 2wahms.com domain that redirects the user to a Web page that appears to be the Yahoo! login page. Similar to the mutations seen with IM worm attacks like Kelvir, Bropia and Opanki, mutations of phishing scams render traditional, reactive security defenses ineffective and leave end-users exposed. With overall rates of mutations increasing and the increased blending of attack mechanisms, the overall effectiveness of these threats continues to improve. The IMlogic Threat Center automatically detected, quarantined and blocked this latest attack using the IMlogic Real-Time Threat Protection System (RTTPS). RTTPS automatically protects against these new, previously unknown IM threats by providing in depth analysis of client and message structure, network anomalies, and message content to identify IM threat propagation behavior and signatures. This in-depth, real-time analysis allows the system to predict, block and validate potential threats, while immediately protecting the IMlogic Threat Center Community. IMlogic recommends organizations strengthen additional security protection by ensuring all desktop antivirus solutions are updated, the latest security patches have been applied to all desktop systems, and that all out-of-date IM clients have been blocked from accessing the relevant IM networks. WHO: Experts from the IMlogic Threat Center can speak with technology and business reporters, industry analysts, enterprises, partners or anyone concerned about the impact of this threat. IMlogic can also offer commentary involving increased risk from IM worms, phishing attacks and other security threats related to the growing popularity of IM use within enterprise. MORE INFO: Learn more at IMlogic's Threat Center: http://www.imlogic.com/im_threat_center/index.asp.

Disclaimer

The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

IMlogic, IMlogic products and IMlogic IM Manager are trademarks of IMlogic Corporation and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.

Source: Business Wire

More News in this Category