Hackers are exploiting interest in the new Star Wars film to harvest Yahoo! login credentials. The attack is initiated when a user clicks on a malicious link (yahoopremium.bravehost.com/STAR_GAMES) sent to them from a user on their buddy list. Once at the web site, the user is encouraged to enter their Yahoo credentials. Upon activation, a Trojan collects Yahoo! credentials and then sends messages out to a user's buddy list whether the IM client is logged in or not.
http://www.theregister.co.uk/2005/05...ishing_attack/