Comments on: Phishers target Yahoo Messenger

Phony messages direct people to a site that asks people for their Yahoo usernames and passwords.

[n3td3v]

Isolated incident hyped up into something BIG

This is an isolated incident hyped up by CNET. The quotes by Connelly from Websense are so far off its untrue. CNET obviously didn't do any research on this incident and just took the word of connelly as truth. The only protection or come back CNET have is, "We put in quote unquotes". That still doesn't give your article much credibility by people who deal with IM security as a living. This is an irresponsible article on the part of security. Many of CNET's security related articles are irresponsible, which only breed more security incidents, which can only create more problems for those security professionals who are trying to tackle security problems. Wording articles in such a way that basically tells virii writers, spammers, hackers and script kiddies what to do, is only adding to the overall scheme of things. I'd like it very much if the guy from websense got in touch with me and backed up the comments seen on this article, because from my point of view, you don't say anything credible, and you offer from little actual solution to the situation, apart from buzzwords, which are perfect for news articles like this who want to draw in the hits, and create hype and fear to gullible net users, who are easily infulenced by articles like this, weather the content of the article is reflective of the truth and the situation. This article to me is taken very much out of context of Yahoo's actual messenger network security situation, with regards to the topic of phishing, worms, malicious IM messages. Thanks, n3td3v... http://www.geocities.com/n3td3v

[Randyincv]

Yahoo Messenger Phishing attacks.

I work in the computer industry, as savvy as I am about security and scams, I too, fell victim to a Yahoo Messenger Phishing attack a year ago. It took 4 days of emailing to get my account back. The people that do these "Phishing Sams" are doing it more and more frequently. It IS a spreading problem. Once someone figures out how to do this and tells all of his buddies or posts a "how to" on a hacker site, the problem spreads. I have been targeted 3 additional times in the last 2 weeks. By looking at the URL you're directed to with a Netscape Browser, I was able to see who the recipient of the collected screennames and passwords were. I used the "Page Source" and "Page Info" tools within Netscape to do this. The last 2 times it was going to a Gmail account. the last 2 times the page was hosted on a free webhosting service in Utah. I contacted Google, Yahoo and the webhosting service and gave them all of the information I collected. I also did a "screenshot" of the Yahoo messagenger message by holding the "Alt" Key and hitting print screen. I then pasted the image into a photo program and saved it as a Jpeg, I included that as an attachment to my reporting emails. If you get ANY unsolicited message on an IM program that has a link that wants you to log in. Save the URL but DO NOT log onto the page or you too will become a victim and get locked out of your account. As far as this problem being blown out of proportion, I don't think it is. I have talked to 3 other people at work who have had this happen and I assisted them in restoring their Yahoo accounts. I directed them to the Yahoo help page and they had their accounts reestablished by identifying their birthdate. I hope this sheds some light on this problem and puts a face on a victim. I was sent a message from a trusted, local friend when I got my account hijacked, their account had been compromised. Please use caution.

Randy in Corvallis, Oregon.

[n3td3v]

CNET trying to manipulate the security community

MSN is the only messenger network so far to see anything, but people like CNET are sticking with stories like this to try and infulence and manipulate the security community into attacking other IM networks, to make some big IM story for them to write about. The truth is MSN messenger network has had *some* problems with worms, but its not as BIG as CNET are making it out to be. CNET are desperate to get malicious users to attack people like Yahoo Messenger, to give CNET something good to write about. the truth is IM attacks are very few and far between, but if news outlets like CNET keep up with these kind of stories, they could manipulate and infulence the kiddiots into attacking IM networks, if an experienced user from the security community releases some code. This is a highly IRRESPONIBLE article by CNET, and I believe CNET and other news outlets should act RESPOSIBILY with security articles andf headlines, and should he held ACCOUNTABLE for headlines and news article wording, that are obviously and blantantly reaching out to malicious users to attack or hack.

[n3td3v]

Did CNET even contact IM-Logic?

Did CNET even contact IMLogic and ask them about the scale of this reported "phishing"? IMLogic are the guys who monitor Yahoo messenger network, for Yahoo. Not "Websense", who are just some third-party in the same market as CNET and thats creating Media Hype, rather than being in the interest of providing the facts on a given incident, like IMLogic. IMLogic are partners with Yahoo, but CNET didn't contact them. Further proof of how rushed and unresearched this article actually is to the reported Yahoo Messenger "phishing".

[nikhilamin]

out of control yahoo rooms and life threats

I have been using yahoo messenger and watching too many booters hackers and know few of them who do it, but i dont see any link where a yahoo user can place a complain about such people who do it, i guess it may help locating and stoping hacking, as people are filled with information of wwho and how they do but as its said : no cleaning can be done without the owners wanting it to be done"

[malik47]

yahoo messenger virus

i have very hardly created the cnet account.those hackers are very dangerous.whenever i tried to make a cnet account they shut down my computer .now, i have created from cafe to post my comment ..my PC is compltely in their control.they have taken all my personal information.when ever i turn on my computer a file starts running in the task manager and the computer screen starts shaking.They are still there in yahoo islam room and chat as usual.My yahoo Id is also hacked but its a common problem.

the amazing thing is they control my computer with no internet cable connected.All lights on the back of my cpu are on.when my computer shuts down it say closing network service. I have a lot to say....