Yahoo Phishing Mail real case study
This article shares one real case study. How hacker uses a phishing site to steal your ID/PWD.
First, you receive mail from “Customer Service” with mail subject “Yahoo Mail Update Required!”
If we take closer look of the mail sender address, it shows “firstname.lastname@example.org”
Once you click the “Update” link in the mail, it will direct you to the phishing site.
Again, it’s NOT yahoo site. In addition, it’s an ORG site URL. “.org” site can also be used as phishing site not only .com.
It also shows you the popup window and require you to do sign-in again.
if we use “virustotal.com” to analyze the URL, you will see the detection ratio is getting higher. 8/61. It means 8 antivirus vendors detects this URL as suspicious site out of 61 vendors.