1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone else got this sneaky spam email?

Discussion in 'BlackHat Lounge' started by SeoQuest, Sep 12, 2012.

  1. SeoQuest

    SeoQuest Junior Member

    Joined:
    Jun 24, 2012
    Messages:
    142
    Likes Received:
    41
    Location:
    Europe
    Today i saw in my inbox an email that pretend to be from yahoo stuff that almost got me believe that is legitimate. This was the email. It was titled "Yahoo© Email Verification"

    "Yahoo! SERVICE ANNOUNCEMENT

    Dear Customer,

    Your incoming messages were placed on pending due to our recent upgrade. Verify your account immediately to to get your mail working by pressing the Click Here to get your mail updated

    Thank you for using Yahoo! Mail.

    Yahoo!©2012"

    The link in the email where i suppose to verify my account details opens a site which was a subdomain created on a free hosting. This subdomain has only one page which was a complete ripped off of the yahoo email login page. Once someone types his login details there the hacker gets access to his account.

    Just watch out for that kind of emails in your inbox if your are using Yahoo. They look legitimate but are 100% fake.
     
  2. seoguy81

    seoguy81 Power Member

    Joined:
    May 18, 2011
    Messages:
    779
    Likes Received:
    163
    Occupation:
    Full time IM
    Location:
    My Desk
    Not just Yahoo, but such mails also try to spoof Paypal, and at times even your bank's internet login.

    Whenever I get such mails, I usually take the effort to alert the registrar + the webhost.

    While people like you and me might be able to identify such emails, it is the older people that usually gets me concerned, ones that are not at all tech savvy and use the internet just for reading emails and as such.
     
  3. michael8t6

    michael8t6 Regular Member

    Joined:
    Apr 28, 2012
    Messages:
    285
    Likes Received:
    229
    Location:
    somewhere on this god forsaken planet
    I had one like this the other day but it was paypal related and claimed someone had sent me £50 via ebay and then disputed it. Clicked the link and it was a subdomain like yours, really good replica though ;)
     
  4. dubious

    dubious Regular Member

    Joined:
    Apr 22, 2012
    Messages:
    235
    Likes Received:
    222
    Occupation:
    Project Manager/Business Development Manager
    Location:
    Australia
    Always alert the hosting company + registrar.

    Also, find out what their mailserver is.

    They can fake the 'from' address, but 'mailed by' is impossible to make. In gmail, it should be the dropdown arrow next to your email in the header.

    That way, you can find their SMTP server, and depending on where they live, they could be facing criminal charges.

    Always take courtesy to report these scumbags, disingenuously robbing people of money is a truly low act.
     
  5. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    5,913
    Likes Received:
    7,150
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    don't blatantly click on links in emails, just hover over your mouse and you'll see the url, so you can judge if it's legit or not without actually visiting the link