Interesting People mailing list archives
Yahoo IM "spoofing", "SPIM", and redirect
From: David Farber <dave () farber net>
Date: Thu, 19 Jan 2006 18:12:52 -0500
Begin forwarded message: From: Tracy Hall <tracy () broadbandphysics com> Date: January 19, 2006 4:22:47 PM EST To: dave () farber net Subject: Yahoo IM "spoofing", "SPIM", and redirect You may have already seen something like this:I just received an IM on Yahoo from a "ychat_violation_dept_yq4", claiming to be from Yahoo!, and claiming to have have received "...multiple reports of abuse...", and asking me to click on a link "...to avoid terminating your account...".
The link? Starts off simple enough: ht|p://in.rd.yahoo.com/in/fp/dir/ But in full : ht|p://in.rd.yahoo.com/in/fp/dir/?ht|p://tjek.nu/7k ["|" sub'ed for "t" to make sure nothing turns them into active links]In other words, using a "legitimate" yahoo address to re-direct to, well,
wherever-the-heck it redirected to. I've tested that it does re-direct by sub'ing my own URL for the "tjek.nu" one, and it does do so, without any message, warning, information or option.'Course, I don't click *any* link without checking it six-ways-from- sunday,
but still... Tracy Hall ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Yahoo IM "spoofing", "SPIM", and redirect David Farber (Jan 19)