|
10-27-2004, 04:26 AM
|
#1 (permalink) | |
|
Misanthropic
Location: Ohio! yay!
|
Strange Yahoo message
Quote:
__________________
Crack, you and I are long overdue for a vicious bout of mansex. ~Halx |
|
|
|
10-27-2004, 04:39 AM
|
#4 (permalink) | |
|
*edited for content*
Location: Austin, TX
|
Quote:
__________________
There are no absolute rules of conduct, either in peace or war. Everything depends on circumstances. Leon Trotsky |
|
|
|
|
10-27-2004, 04:43 AM
|
#5 (permalink) | |
|
Crazy
Location: Ireland
|
Quote:
If you DO click the link and they ask for your password close it quick. You can be sure Yahoo would NEVER ask for your password this way. |
|
|
|
|
10-27-2004, 05:58 AM
|
#6 (permalink) |
|
Insane
|
I have gotten an increasing amount of these in my e-mail, as well as questions as to their origin. Hopefully this will be helpful:
1. If you look at the source code of the actual webpage you are viewing, you can view the e-mail in the lower portion of the webpage. When you do, you'll see that half of the e-mail is written in with HTML entities, that is, special characters that will not get mangled when they pass through a web browser's memory. Although they look this way, humans perceive them as normal text (which they should). You'll notice though that when you copy/pasted the text, the special characters ended up as full-stop characters. 2. The e-mail has many spelling errors. Why would anyone at Yahoo! even think of doing this is beyond me since doing that is just unprofessional. This is intentional so as to fool the Anti-Spam features of many large ISPs. 3. If you view the source of the webpage again, you will notice that the link you must click has also been encoded with HTML entities so as to make it hard to read for humans. Web browsers will happily read and display this to you normally. The URL may be obscured when you run your mouse over it (as most browsers will display the URL location in the status bar with JavaScript (JavaScript can be used to change the text of the status bar to anything possible at practically anytime) 4. The link you must click has been run through Google's URL redirection service. Why would Yahoo! run something this important through a 3rd-party? Please note that Yahoo! has a similar service they use to redirect people around their website, which is exploitable as well (why they do not make it accessible to only Yahoo!'s servers is beyond me at the moment). The script is housed at something similar to rd.yahoo.com or rds.yahoo.com 5. Look at the IP addresses stated in the message headers. These are located at the top of your message (Make sure you have turned on View Message Headers in your Yahoo! Mail preferences) and define the path this e-mail took on its voyage across the Internet to land in your Inbox. You'll note that if you try to look up the owners or users of the IP addresses, that a portion of them do not belong to Yahoo! While this is normal (as e-mail goes these days anyway), if Yahoo! wrote them, and these e-mails land in your Yahoo! Mail Inbox, why would your e-mail leave Yahoo!'s network and on to some foreign network? If you use tools such as a WHOIS database for ARIN (just Google for it, you'll find one), you notice that some of the IP addresses in the message headers just don't belong there. These days, most of these scams are originating from Africa or Asia (usually these days, but not always). 6. Yahoo! has stated that they will NEVER ask you for your password. There are two schools of thought here: a. They have the original text of your password and know this, and can retrieve it for their staff (and you) at anytime. Why would they ask you to confirm it in this case? b. They encrypt your password so that not even the staff at Yahoo! can read it. Yahoo! will then have VERY important security measures in place for you to RESET (not determine) you current password. If you ask for a new password, the Yahoo! system will send you a reset password link to the e-mail address that is defined in your account settings (which seemingly only YOU should have access to). When this happens, Yahoo! is very careful with the wording of their e-mail and location of the reset password utility. They might not even let you choose a password, but send an e-mail to your account with an already defined password (presumably again, that only YOU have access to). So in short, this is a phishing scam designed to fool unsuspecting Yahoo! account holders into giving up their passwords to their user accounts. Do NOT give your password to ANYONE especially anyone who even mentions it over the phone. Yahoo! has made every attempt to securely send you a chance to recover your lost accounts. Yahoo! is a huge company, do you really think they have time to help you personally? (I'm sure there are contact numbers you can reach, but they are few and far in between!) While this e-mail is technical in nature, this is the computers forum. Hopefully you're here to learn as well as read our geeky ramblings! This is exactly the line of thinking someone in my line of work goes through when trying to decipher a scam like this! If you have any questions, send me a private message.
__________________
"You looked at me as if I was eating runny eggs in slow motion." - Gord Downie of The Tragically Hip |
|
|
|
10-27-2004, 09:55 PM
|
#8 (permalink) | |
|
Misanthropic
Location: Ohio! yay!
|
Quote:
Once again, good god, nice reply!
__________________
Crack, you and I are long overdue for a vicious bout of mansex. ~Halx |
|
|
|
|
10-27-2004, 10:08 PM
|
#9 (permalink) |
|
Junkie
Location: Louisiana
|
ahh and so the saga of the yahoo script kiddies continue... yeah delete it after sending it to the yahoo peps.. but i can tell you now it dont matter... that was more than likely sent by a bot.. which many peps on the chat have a progy that can generate 100 or more bots in a short time.
__________________
It means only one thing, and everything: Cut. Once committed to fight, Cut. Everything else is secondary. Cut. That is your duty, your purpose, your hunger. There is no rule more important, no commitment that overrides that one. Cut. The lines are a portrayal of the dance. Cut from the void, not from bewilderment. Cut the enemy as quickly and directly as possible. Cut with certainty. Cut decisively, resoultely. Cut into his strength. Flow through the gaps in his guard. Cut him. Cut him down utterly. Don't allow him a breath. Crush him. Cut him without mercy to the depth of his spirit. It is the balance to life: death. It is the dance with death. It is the law a war wizard lives by, or he dies. |
|
|
|
11-13-2004, 08:03 PM
|
#11 (permalink) |
|
EVIL!
Location: Southwest of nowhere
|
I had forgotten a YahooDirect password and requested a new one. Their system will send you a password that will only work once to access your account and you have to immediately change it to one of your choice. That shows that the service reps can't access your passwords to send it to you. That is why they won't ever ask you for it.
Any e-mail that does ask for it is Phishing, you can count on it.
__________________
When all else fails, QUIT. |
|
|
| Tags |
| message, strange, yahoo |
|
|
