
Phishy Phishy Phishy Phish

I got caught in a phishing scam last night, but luckily I realized what was going on and swiftly changed my password, so hopefully things are ok. Phishing is an information theft technique that presents users with an authentication system that looks just like their bank or webmail account, but is really just a front to capture their username and password. Those details are then used by the bad guys to log into the user's real account, where they do all sorts of nasty things like empty bank accounts, change passwords, steal personal information and send emails to the FBI saying that you're going to kill the prime minister. Bear in mind that this isn't a technical attack, as it doesn't make use of a technical flaw, exploit or tool to gain unauthorized access. It's commonly referred to as social engineering, much like phone scams where people call you and pretend to be your bank to confirm payment of a bill.

The particular phishing scam that caught me was a variant of a documented Yahoo Messenger trick that presents a Yahoo Geocities login. I remember wondering just when Yahoo had bought Geocities as I typed in my details, but when the login page landed me at a weird-looking error page, I realized that I'd been deceived. So, I closed all my browser windows, brought up my Yahoo mail login, and changed my password immediately. I'm pretty sure the bad guys didn't have time to trawl my account for juicy tidbits, as the first thing they usually do is change the password themselves so they lock you out, but if I am arrested for kiddy porn in the next few days, you'll know I was wrong.

What made this trick so compelling is that the initial link for the fake Yahoo page was sent to me via Yahoo instant messenger by a very well-known buddy of mine. His account was compromised the same way, because he got the link in an instant message from a good buddy of his, etc etc. I suppose my suspicion gland should've started spasming wildly when I saw the Geocities URL in the address bar, but after Yahoo bought Flickr, Inktomi and Konfabulator, I just figured they'd nabbed Geocities too. Still, lesson learned... be careful out there kiddies, and remember to change your passwords every once in a while, even if things seem fine.