New Yahoo Phishing E-mail

by Christine Cavalier on 25 June 2009

Just received the email below at my Yahoo account today. If you get it, don’t reply to it. It’s fake. It isn’t from Yahoo. Yahoo already HAS your username and password, they don’t need you to verify it. They also know your IP address, which will tell them from which country you are. And I don’t think it matters much how old you are — they will have you click a Terms of Service agreement that says you are over 13 or whatever if they want. They also don’t need any help from users to make “more space” for new ones. They just buy more servers.

Some poor sucker is going to respond to this and then the spammers will have all sorts of new ways to send out porn, fake viagra offers, you-name-it. If you are that poor sucker, don’t worry. Just go and change your password NOW.

“VERIFY YOUR YAHOO EMAIL ACCOUNT NOW
Dear Yahoo Email Account Owner,
This message is from uniminuto.yahoo messaging center to all yahoo email account
owners. We are currently upgrading our data base and e-mail account center. We are
deleting all unused yahoo email account to create more space for new accounts.
To prevent your account from closing you will have to update it below so that we will
know that it’s a present used account.

CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username : ………. …..
Email Password : …………….
Date of Birth : ……………..
Country or Territory : ……….

Warning!!!
Account owner that refuses to update his or her account within Seven days of receiving
this warning will lose his or her account permanently.Thank you for using yahoo !
Warning Code:VX2G99AAJ

Thanks,
Yahoo mail Team”

More posts like this one:

10 November 2010 -- DHL Spam Email: Don’t open the attachment! (43)
14 February 2010 -- New SCAM: “Google Earth” scam email. Don’t PAY for Google Earth! (17)
8 February 2010 -- Facebook Dinner Party: Why Phishing Works & How To Avoid It (6)

Tagged as: abuse, email, new yahoo phishing scam, phishing, scam, verify account, yahoo

Anonymous

Speaking of Yahoo,
I lost, well, actually THEY lost my password. Sometime pre-2006 they did some kind of upgrade and if you had not logged in for a certain period of time, you were deactivated. Of course, they deactivated my login, but not my yahoogroups subscriptions. I still get those, (and wish I didn’t for one of them.)

So what do do?

Turns out the “password-reset” form at yahoo is on a secure page, but it POSTs to a non-secure page! (There should be some law, and Yahoo is on my do-not-trust list because of this alone.) If that non-secure POST on a secure form isn’t enough, the form asks for D.O.B! No way I’m sending my D.O.B to Yahoo over an unencrypted connection.

Since post-modern civilization is insane (in the aggregate), the “appearance” of value is just as valuable as actual value.

Oh, I guess that is actually what your post is about, after all. Something that looks good may not be.
Anonymous

Speaking of Yahoo,
I lost, well, actually THEY lost my password. Sometime pre-2006 they did some kind of upgrade and if you had not logged in for a certain period of time, you were deactivated. Of course, they deactivated my login, but not my yahoogroups subscriptions. I still get those, (and wish I didn’t for one of them.)

So what do do?

Turns out the “password-reset” form at yahoo is on a secure page, but it POSTs to a non-secure page! (There should be some law, and Yahoo is on my do-not-trust list because of this alone.) If that non-secure POST on a secure form isn’t enough, the form asks for D.O.B! No way I’m sending my D.O.B to Yahoo over an unencrypted connection.

Since post-modern civilization is insane (in the aggregate), the “appearance” of value is just as valuable as actual value.

Oh, I guess that is actually what your post is about, after all. Something that looks good may not be.
Forrest Cavalier

Sorry, that was me in that previous comment.
Forrest Cavalier

Sorry, that was me in that previous comment.
http://www.purplecar.net/ Christine Cavalier

Don’t you lie about your DOB? I am anywhere from 20 years old to about 56 years old, on different sites on the internet. I don’t think I’ve given one my real DOB. And yes, I do remember which date I give which site. One of the sites I am 56 years old on is a google-reader type thing. I was getting all these friend requests from creeps. So I upped my age and strangely, the creeps disappeared.

Anyway, my point is, why on earth do you think you should give your real date of birth?
http://www.purplecar.net/ Christine Cavalier

Don’t you lie about your DOB? I am anywhere from 20 years old to about 56 years old, on different sites on the internet. I don’t think I’ve given one my real DOB. And yes, I do remember which date I give which site. One of the sites I am 56 years old on is a google-reader type thing. I was getting all these friend requests from creeps. So I upped my age and strangely, the creeps disappeared.

Anyway, my point is, why on earth do you think you should give your real date of birth?
tom

tom@largefree.com
nonpiscator

I received this email and did follow
the link to a page where they told me to give answers to two questions to
retrieve my password, which I did, silly me. Then I thought it seemed
suspicious even if it did not have the usual signs of bad English etc, so I did
change my password and the two questions to retrieve it, directly in Yahoo. I
have approached Yahoo in many and tortuous ways but I have not got any
satisfaction as to whether it was sent by them or not.

New secret questions
were added to your Yahoo! account.

To ensure that your account information remains accurate and secure we
notify you whenever this information changes.

This change request was made on 31 July 2011 at 08:39.

If the changes described above are accurate, no further action is
needed. If anything doesn’t look right, follow the link below to make
changes:
https://edit.yahoo.com/forgot?stage=fe100&src=&intl=uk&done=http://www.yahoo.com&partner=reg

Regards,
Yahoo! Account Services
————————-
Please do not reply to this message. Mail sent to this address cannot be
answered.
Reply to:
Reply to yahoo-account-services-uk@cc.yahoo-inc.com
Nottwo Ma

Forgot to mention that before changing my password I got out of Yahoo and tried to log in again but my password was not accepted, that is when I changed it. I do not seem to have any problems now.
Pingback: Anonymous