19th August 2009

In light of recent news about Microsoft and Yahoo search, I almost fell for this bogus e-mail, which is a phishing expedition for usernames and passwords.

The fact that I’ve been advertising an affiliate offer heavily in Yahoo Sponsored Search over the past three weeks, and the fact that I just read about a new user interface coming soon, put Yahoo it in the forefront of my mind.

I was only at the last second that I caught a glimmer of potential fraud – and sure enough, it’s a scam.  Note the domain name is NOT Yahoo, but that won’t show up in the .html version of the email.

Dear Advertiser,

We just want to remind you that, on August 25, 2009, your Local Sponsored Search account will be discontinued. You will be upgraded to a new Sponsored Search account with geo-targeting and other great new features.

Please note the following: In order for us to upgrade your account you need to verify your user/password of your account. Please remember to input your Sponsored Search user and password correctly NOT your email and password.

Please visit the following link to verify your account:
http://marketingsolutions-yahoo.com/adui/signin/loadSignin.htm

Sincerely,

Your Partners at Yahoo! Search Marketing Copyright 2009 Yahoo!, Inc. All rights reserved.

Had I been just a few seconds slower on the uptake, I probably would have found myself with dozens or hundreds of ad campaigns for someone elses domains, and maxed out credit cards. Yikes!

I looked up the domain name just  to be sure…

bogus-yahoo2

Any time your credit card or finances are even remotely involved, never, ever, should you click on a link in an email where you are being asked to verify your username and password for ANYTHING.

If in doubt, always manually type in the domain name of the real merchant or go to your bookmark / favorite to see if a request is legit.

If you like what you've seen here, would you please share this?
    PDXTC & Search Commander, Inc.
    11124 NE Halsey St. #481 PortlandOR97220 USA 
     • 503-946-6881
    twitter / shendison

    2 Comments    

    • DanOfSoCal says:

      Hello Scott,

      As a general rule, I look for grammatical and spelling mistakes in any suspicious email. Spammers are notoriously poor at the English language. The example you provided looks pretty good, which leads me to believe that some of the spammers/phishers are getting better at their nefarious game. Thanks for the heads-up.

      Best,

      Dan

    • Adam Snider says:

      In this particular case, the fact that it was a dash before the “yahoo.com” part of the main, rather than a dot should have been a sign, too. That’s not a Yahoo subdomain, that’s a totally unrelated domain that happens to have the word “yahoo” in it.

    Leave a Comment