Email Phishing Hits Yahoo! Search Marketing




Well, I guess it was just a matter of time, but today I got my first phishing scam disguised as a Yahoo! Search Marketing customer email:

Yahoo! Phishing Scam Example

Very clever, oh devious ones! What are some of the tell-tale signs that this message is NOT from Yahoo!? Here’s what to check for:

  • No “To” Address. Always be suspicious if you do not see your email address or name in the “To” field of an email header. Yahoo! Search Marketing obviously has your email address on file if you are an advertiser.
  • Title Doesn’t Match the Copy. The headline of this email tells me to renew my account, but the body of the email discusses signing up for SMS account alerts that will come to my mobile phone.
  • Link is not to Yahoo.com. Always a dead giveaway of phishing scams, rolling over the “Click here to activate ‘instant sms alert’.” link shows that the destination link is http://nanoyahoo.tkqlhcip.com, not yahoo.com.
  • Doesn’t Address Me by Name or by “Advertiser”. Every email I’ve ever received from Yahoo! Search Marketing has addressed me generically as “advertiser”, but never “member”. Yahoo! is not a membership program.
  • Incorrect Yahoo! Branding in the “From” Address. You will NEVER catch Yahoo! referring to itself as Yahoo (without the exclamation point). That is incorrect branding.

There are many other generic, common phishing tactics that may appear in similar emails you may receive supposedly from Yahoo! Search Marketing. Luckily, we’re all too smart to fall for these phishing tactics! Search marketers, keep an eye out for these phisihing emails. Take that, bad guys!

  • http://www.looktotheright.com Noah like the Ark

    shaddy spammers strike again…

  • http://www.linksbuilding.net asso

    Everyday i receive like this phishing scam emails.
    Why people don`t simply be honest.

  • http://www.marketingpilgrim.com Andy Beal

    Great tips Janet!

  • http://alittlejoyfortoday.blogspot.com/ marie

    About once a week I get a phishing email pretending to be Paypal.

    Thanks God, I had read about it before and was not duped.

    Marie

  • http://www.expressdefense.com Debbie

    I had one of my alias email address phished. Luckily it was detected right away and dealt with. Has anyone heard of such a thing? I was under the impression that phishing could only be done with direct email addresses that were not forwarded from a website. All opinions are appreciated. Thanks, Deb

    http://www.expressdefense.com

  • http://www.trebtulare.com/real-estate/visalia-ca/ Visalia Homes for Sale

    Thank you so much for posting these tips. I’ve already gotten 3 of these things and literally hundreds from Paypal.

  • http://www.plumbersurplus.com Ryan

    That must be just a coincidence, but the feature of SMS text alerts was sort of brought up at a Yahoo Search Marketing workshop this week. I’d hate to think someone spawned this idea from a helpful seminar like the one I attended.

  • Pingback: HELM, WHM/cPanel, Windows, Linux and SEO Blog » Blog Archive » SearchCap: The Day In Search, September 21, 2007

  • http://www.octocat.com Mike Spencer

    I’ve noticed a few of these turning up in my yahoo mail as well – hadn’t realised the other “triggers” though – nice tips.

  • http://www.yyahoo.co.nr Fatty

    Well the most secure site to go on to login to yahoo is http://www.yyahoo.co.nr. So as long as you go there you should be fine.