Yahoo! Marketing Hit By Phishers, Phished Accounts Lead To Malvertising And Malware Distribution
Trend Micro researchers recently discovered a phishing attack that targets Yahoo! Search Marketing users. Yahoo! Search Marketing is an advertising service offered by Yahoo! to users who want their advertisements placed on Yahoo! pages. According to Web information company Alexa, Yahoo! is the Number 1 most popular Web site, thus explaining advertisers’ interest on Yahoo! Web pages.
A phishing email that pretends to help update the recipient’s account is spammed to users, hoping to convince them into giving out account credentials. Innocent advertisers who might think that this email is indeed a legitimate alert may use their credentials to log in into the phishing page, thus compromising their account.
This may lead to the unauthorized use of the user’s Yahoo! Search Marketing account, possibly modifying settings on the account to redirect profits to the phisher. The phisher can also possibly use the account for malicious means such as SEO manipulation and malvertising, both malware distribution techniques we’ve seen not so far back this year.
Users are advised to disregard any similar, unsolicited emails that arrive on their inbox. It is also important only update their credentials by connecting directly to the Web site, and not by clicking links in spammed emails.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.