Wednesday, July 12, 2006

Fake Email

Just now, i got an email from fake "Yahoo Fraud Prevention Team" :

Dear Yahoo Member:


This email was sent to you from our secure
Yahoo server to verify your informations

As there was an error logons to your account on
11.07.2006{2:15 P.m}

For security reasons,your access to online yahoo
has been suspended.

If you fail to verify and re-confirm your membership details
your online Yahoo account will be BLOCKED!


*WARNING*:Please Keep Your Details Secret and Safe.

To verify your account please

Login :
Password :
Old password :
New Password :
Code Security :
Full Name :
Address :

Replay Fast with real account and your info in 24 hour

Security Password,

Yahoo Fraud Prevention Team
Yahoo Groups.

Email : account.members@yahoo.com

Yahoo! Answers > Yahoo! Answers Help > Feedback

Copyright © 1994-2006 Yahoo! Inc. All rights reserved. Terms of Service - Copyright/IP Policy - Guidelines - Ad Feedback
NOTICE: We collect personal information on this site.
To learn more about how we use your information, see our Privacy Policy



As you have known, Yahoo never suspend their customer's account just because they have an error while logging in (it's a common mistake to make errors, such as typo, forgot to turn off CAPS LOCK, etc). And the other mistakes made by the sender is that he/she was sending this email to maintainer@project.informatix.or.id (my alias for local OOo Documentation Project). I never put this email on my Yahoo email list, so this is trully a social engineering efforts, but sorry dude, it's not working for me :D

Please be carefull when you receive this kind of email message also.

2 comments:

  1. Anonymous3:00 AM

    disclaimer : trik ini gue kasi tau liat untuk nunjukin fakta yang ada aja. bukan untuk dipake!

    yang juga lagi ngetren sekarang itu bikin login screen palsu yang sama kayak layanan-layanan beken (yahoo, frenster, myspace, etc).

    jadi triknya kita belagak mengharuskan pengunjung untuk login ke layanan itu dulu (ada juga yang langsung di redirect).

    trus pengunjung yg ngga sadar (ngga liat url) akan santai aja masukin password en usernamenya dia. dan bang! we got em!

    asik ya? heheh...makanya liat-liat dulu sebelom ngetik.

    ReplyDelete
  2. yup, memang ini yang sekarang lagi jadi tren, jadi setiap orang harus tambah hati2. Soalnya sekarang ini banyak sekali usaha social engineering yang sudah dilakukan

    ReplyDelete