It didn’t take long, did it? You’ve read the reports from yesterday about email account information being posted online, with all the stress that goes with worrying about your online safety. Already there are people out there trying to take advantage of the fact that you might be concerned about whether you were one of the few people affected by the phishing attack. Phishing, for those of you unfamiliar with the term, is the act of trying to trick you into revealing your account and login information via a fake email or fake Website.
Here are some tips to help you identify phishing emails:
- Make sure the Web page address doesn’t have any misspellings or extra words (e.g. http://www.yah000.com, http://www.yahoo-members.com, or http://www.yahoo.BadGuyEnterprises.com) in it. When in doubt, go straight to http://www.yahoo.co.uk and log in from there.
- Be vigilant about anything that doesn’t look right on the page, such as typos, outdated content, or broken or missing pictures.
- Best idea: be sure to set up a customized “Sign-In seal” picture (instructions are at https://protect.login.yahoo.com/) and never enter your password unless you see that picture on the page.
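
The address check from the first tip, written out as a short Python function. This is an added example, not Yahoo code; the trusted-domain list and the digit-for-letter table are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: only the Yahoo domains named in the tips
# above (and their subdomains) count as genuine.
TRUSTED_DOMAINS = ("yahoo.com", "yahoo.co.uk")

# Digits often swapped in for similar-looking letters (constructed, not exhaustive).
LOOKALIKES = str.maketrans("01", "ol")


def classify(url):
    """Return 'trusted', 'lookalike' or 'unrelated' for the host in url.

    The URL must include its scheme (http:// or https://) so the host
    can be separated from the path.
    """
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    if not host:
        return "unrelated"

    # Genuine only if the host IS a trusted domain or ENDS with
    # ".<trusted domain>". What sits at the right-hand end of the host
    # decides who owns it, not what appears at the start.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "trusted"

    # Not genuine. If the brand name still appears in the host once
    # digit-for-letter swaps are undone, it is imitating the real site.
    if "yahoo" in host.translate(LOOKALIKES):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # The sample addresses from the tip above, plus the two genuine ones.
    for sample in (
        "http://www.yahoo.co.uk",
        "https://protect.login.yahoo.com/",
        "http://www.yah000.com",
        "http://www.yahoo-members.com",
        "http://www.yahoo.BadGuyEnterprises.com",
    ):
        print(f"{classify(sample):10} {sample}")
```

All three sample addresses from the tip come back as `lookalike`, because none of them ends in a trusted domain even though each contains the brand name.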
Just this morning we’re getting reports of a particularly well-prepared email attempting to make you think that we are contacting you to verify your account information. In fact, this is nothing new. I’ve posted about this before. But this particular version of a phishing email has been very well produced and looks very official. So if you have received something like the screenshot below, this is not an email from Yahoo.

This one pictured above is a prime example of a phishing email, which uses a scare tactic to try to solicit you to send your account details and password. The one above is using the news stories from yesterday to lure you into clicking a link (the link in the email actually goes to some website that is not part of Yahoo) and giving your account details. Always be mindful of any Web page that requests your Yahoo! password (or any password for that matter).
So if you receive an email like the one above, don’t fall for it. Just delete it, or better yet, click the “Spam” button. It’s the quickest and easiest way to let us know that it’s spam.
Andrew – Yahoo! Mail Team