Phishing: Watch those URLs

Today in my Yahoo! mail account:

Yahoo

If you click that “Sign In” link, you get taken to

http://www.oficinadentalpr.com/includes/drpbx/db/obfuscated.php

which is apparently a dental office in Brazil. (I tried contacting them to let them know that their website had been compromised, but their contact page seems to be malfunctioning.)

Edit: As of today, the entire “Oficina Dental” account has been suspended. Either they got infected and their ISP suspended them on general principles, or the whole page was a sleazy front for this scam operation. We’ll never know.

At any rate, this is what you get:

Yahoo2

Which leads you to the regular “Enter your critical personal information and credit card and bank data” page.

The ongoing lesson: Don’t click embedded links in emails. Just don’t.

The Old Wolf has spoken.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s