Security researchers report on a new phishing campaign that circulates on Yahoo! Messenger and is instrumented with the help of hijacked accounts. A spammed rogue video link takes users to a fake Facebook login page.
The new attack was discovered by researchers from enterprise software giant CA. "While using Yahoo Messenger recently I received new IM Spam from my one [sic.] of my friends. Just by the look of it I could tell that it was most likely a malware related IM Spammed Message,” Ricardo Robielos III, a research engineer in CA's Internet Security Business Unit (CA ISBU), writes
[REMOVED]deo.com/live. Klik n login. Ok. .....!!" the rogue message reads. Clicking on the URL opens a fake Facebook login page, suggesting that the user needs to authenticate on the social networking website before being able to see the video.