Anti-Phishing Working Group: eBay - "Security Notification"

LATEST NEWS IN THE FIGHT AGAINST PHISHING:

Yahoo - 'E-mail account security warning'
24-Sep-2004

Summary

Email title:	'E-mail account security warning'
Scam target:	Yahoo e-mail users
Email format:	HTML e-mail
Sender:	administration@YAHOO.COM
Sender spoofed?	Yes
Scam call to action:	'Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. For details see the attached file.'
Scam goal:	Installing malicious software on victim's computer
Call to action format:	Attached file
Attachment type:	.PIF file - hidden executable

E-mail

This message represents quite a large category of phishing. It is targeted at inexperienced users that are overly gullable and overly trusty, when they see the attributes of legitimate organizations:

The attachment is a hidden executable (does run some code on the victim's machine, despite not being an .EXE or .COM), containing malicious code - a virus, for example, or a keylogger for stealing passwords, etc.

It is very important to remember that due to the insecure environment that e-mail currently is, the legitimate companies DO NOT send attachments. They ocnduct business via secure websites instead.