Portal Home |  IS News Menu |  Portal Menu |  ISB Menu |  Main Content
Beware of Yahoo! Greeting Cards
26 Sep 11:20

A new phishing scam using a fake greeting card notification message lures users to spoofed site that contains a Trojan. This is one of several scams implementing VML IE exploits.

The spoofed Yahoo! site hosts updated Web-Attacker VML exploit code. This example lures users to the site by claiming they have received a Yahoo! Greeting Card. The site downloads and installs an Internet Explorer Browser Helper Object that directs all HTTP posts from forms to a third party, and then collects information on end-users. The exploit is hidden in a 1x1-pixel iframe.

Related links: (Open in a new window.)
External link www.websensesecuritylabs.com/alerts/alert.php?AlertID=633

View Printable View printable version (opens in new window)
Back Back