Industry leader IMlogic is warning customers that a new phishing attack, IM.Marphish.Yahoo, is being broadcasted over the Yahoo instant messaging network. This new attack sends users a message that appears to be from the Yahoo “abuse department” and informs the user that they are in violation of the Yahoo Terms of Service Agreement. The message informs the user they must respond to this complaint to prevent their account from being deactivated, and includes a URL to a malicious site hosted at the 42.pl domain that redirects user to a Web page that appears to be the Yahoo login page.

The phishing attack is propagating from a buddy named ychat_complaint_dept_6b. It will likely mutate with other variations of the screen name as it progresses. The yahoo system will ask for permission to add this buddy to your buddy list and then delivers the message. This form of social engineering has been particularly effective especially with the message focused on a loss of the service.

IMlogic’s Threat Center automatically detected, quarantined and blocked this latest attack using the IMlogic Real-Time Threat Protection System (RTTPS). RTTPS automatically protects against these new, previously unknown IM threats by providing in depth analysis of client and message structure, network anomalies, and message content to identify IM threat propagation behavior and signatures. This in-depth, real-time analysis allows the system to predicatively block and validate potential threats, while immediately protecting the IMlogic Threat Center Community. IMlogic recommends organizations strengthen additional security protection by ensuring all desktop antivirus solutions are updated, the latest security patches have been applied to all desktop systems, and that all out of date IM clients have been blocked from accessing the relevant IM networks.

{Secure Instant Messaging}

Recent Entries

• Yahoo! offers phone via instant messaging
• FaceTime Secures Instant Messaging For Distance Learning University
• Yahoo Messenger Integrates VOIP
• Mobile IM for Skype
• New Botnets Utilizing Instant Messaging
• Secure Developers Portal for Instant Messaging Bots
• ScanSafe Intros IM Security Management
• SIP Unified Communications Is All the Buzz
• Akonix Rolls Comprehensive Instant Messaging Security Bundle
• Microsoft Messenger for Mac 5.1

This entry was posted on Thursday, November 10th, 2005 at 9:38 pm and is filed under Secure Instant Messaging. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.