I received this link http://www.geocities.com/a_dark_blonde_hot4u/ from one of my friends as an offline message.

i clicked the link and not thinking put my username and password in.. that takes you to the yahoo site same screen, but things are different from the geocities and the yahoo site. links are underlined etc. So im thinking that the above geocities phished yahoo tricked people much like myself and now they have usernames and passwords. I did happen to change my password within 30 seconds of doing it though. lucky me.

edit:: I looked at the source and found this

<INPUT TYPE="hidden" NAME="Mail_To" VALUE="[email protected]">
seems there having all the usernames and passwords mailed to them..

Edit: I just reported it to yahoo's Phishing Abuse report service.