Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

Phishers Target Yahoo Users

June 04, 2013 - 1 min read
Yahoo Mail introduced two-factor authentication in December 2011. Two-factor authentication can be used to prevent suspicious access to an account (login from a different country, numerous failed login attempts, etc.) and can be used to verify a user's identity when asking for a password reset.

Two-factor authentication has been in the news a fair bit lately as LinkedIn and Twitter have recently begun to offer the feature. We encountered an example whereby a phisher actually took advantage of heightened awareness of two-factor authentication to aid in an attack. The scam involved spoofed e-mails, which claim that all Yahoo users must turn on two-factor authentication:
Phishing e-mail to Yahoo Mail users

The e-mail has a spoofed FROM address (@yahoo.com) and a fake link to http://update.yahoo.com/. The user clicking on this link is actually redirected to a phishing page at http://www.antek.com/pics/tiles/yahoo.com.html as shown below:
Yahoo phishing page
At present, this URL is blocked by Google Safe Browsing (Firefox, Chrome, Safari) but not by Internet Explorer.

Yahoo is now shutting down their Yahoo Mail classic interface and forcing users to their new e-mail platform. This will no doubt be another great opportunity for phisher to take advantage of confused users.

Explore more Zscaler blogs

A cyber criminal shopping for malware
Agniane Stealer: Dark Web’s Crypto Threat
Read Post
Business people walking through a city
The Impact of the SEC’s New Cybersecurity Policies
Read Post
Digital cloud illuminated in blue
Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)
Read Post
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.