Vinit Bhansali @ 2004-10-29 19:42:00
Yahoo fake email spoof URL redirection scam
Recently, I've been bombarded by emails to my Yahoo account supposedly from my OWN Yahoo account (from me, to me).
The text of the email is ...
Dera Yah!oo Mbmeer,
We msut chekc thta yruo Ya!ooh ID was rtsigeered by rael poeple. So, to hepl Yooha! prveent aamotuted
regtsirations, plesae cilck on tihs lkni and coetelpm cdoe vertacifiion precoss:
h ttp://es.rd.yahoo.com/*ht%74%70:%2f/%57%7
.c%4F%4D%2f%75r%6C?q=%48ttp%3A%2F
Thakn you.
Of course, if you use JavaScript and unescape this sequence, you see how a flaw in Yahoo's website allows you to get redirected to Google, AND then a flaw on Google's site further sends you to a website in Russia (something.da.ru). If you click on that link your email address will be verified and possibly used in spam lists. I am not sure if this in some way hijacks your Yahoo account (Gmail cookies were hijacked recently).
If you got such a mail recently, then you can check this by going to my website and entering the URL you received ...
Vinit's Javascript UnEscape page
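
What the unescape step reveals can be reproduced offline without clicking anything. The following is an added example, not the code behind the author's page: it percent-decodes a link and lists every URL nested inside it, so the chain of redirect hosts is visible. The host names, the sample link and the function names are constructed for illustration.

```javascript
// Added example. Host names are constructed placeholders (example.test),
// not the hosts from the email quoted above.

// Percent-decode repeatedly until the text stops changing, so double-encoded
// sequences such as %2568 (-> %68 -> "h") are fully revealed.
function fullyDecode(text, maxRounds = 5) {
  let current = text;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (err) {
      break; // malformed escape: keep what has been decoded so far
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// List every absolute URL nested in the link, outermost first.
function redirectChain(link) {
  const decoded = fullyDecode(link.replace(/\s+/g, "")); // drop line-wrap gaps
  const pattern = /https?:\/+([^\/?#*]+)/gi; // tolerate "Http:" and "http:/"
  const hops = [];
  let match;
  while ((match = pattern.exec(decoded)) !== null) {
    hops.push({ host: match[1].toLowerCase(), url: decoded.slice(match.index) });
  }
  return hops;
}

// True when following the link ends on a different host than it starts on.
function leavesFirstHost(link) {
  const hops = redirectChain(link);
  return hops.length > 1 && hops[hops.length - 1].host !== hops[0].host;
}

// Constructed sample shaped like the obfuscated link in the email.
const sampleLink =
  "http://rd.example.test/*ht%74%70:%2f/%57%57w.redirector.example.test" +
  "%2f%75r%6C?q=%48ttp%3A%2F%2Ffinal.example.test%2Fverify";

for (const hop of redirectChain(sampleLink)) {
  console.log(hop.host, "<-", hop.url);
}
```

A link whose first host is a well-known site but whose last hop is somewhere else is the pattern the email relies on; mail filters and link checkers can flag it the same way.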