Hackers Grab Yahoo Credentials through Mail Activity Reports Campaign
Yahoo users are being targeted by a new phishing campaign that helps hackers grab their credentials and hijack accounts. Bitdefender was already blocking the malicious URLs spreading in inboxes worldwide.
The phishing campaign starts with messages that bypass the e-mail provider’s antispam filters, reaching the Inbox folder. The e-mails pose as “mail activity reports” and copy Yahoo’s email format to look legitimate.
“Dear Yahoo User, your recent messages are pending, because your storage limit has surpassed,”Â phishing messages read. “You need to upgrade mail storage (For free). To restore normal message delivery. Use this link to upgrade_quota.”
The malicious URLs quickly redirect to a copycat sign-in page, tricking unwary users into giving their usernames and passwords. Though phishing has been around for many years, it remains a persistent e-threat. The latest available data show 2013 was another record year in the number of phishing attacks launched globally, inflicting record losses of over $5.9 billion, according to EMC.
With little cost for cyber-crooks and a high degree of efficiency in reaching new victims, phishing will continue to hit the global economy in coming years, Bitdefender warns. The Online Threats Lab revealed that PayPal, eBay, Yahoo, Facebook and LinkedIn are among the most abused brands when it comes to launching phishing attacks.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022