I just got this in an e-mail today. It looked pretty legit, but I thought that Yahoo would never ask for your id/password in an e-mail? It even had the Yahoo logo at top, but I guess that didn't copy/paste over.
***
Warning!Verification Alert!!! (KMM69467445654355608644568KM)
From: Yahoo! Customer Service <[email protected]>Add to Contacts
To:
--------------------------------------------------------------------------------
Due to the congestion in all Yahoo!accounts, Yahoo! is upgrading its server and need verifications of both premium and free accounts for security reasons. In order to avoid the deactivation of your account, you will have to confirm your e-mail by filling your Login Info below after clicking the reply button. We are really sorry for any inconvenience this might cause you.
CONFIRM YOUR IDENTITY. VERIFY YOUR YAHOO ACCOUNT NOW !!!
Your -Username:----------------------------
Your -Password::----------------------------
Your -Date Of Birth:-------------------------
Your -Occupation:---------------------------
Your Country Of Residence:----------------
Sincerely,
Yahoo! Customer Care
Case number: 8941624
Property: Account Security
Yahoo! controls the rel="nofollow">http://privacy.yahoo.com/ privacy/us/
This survey is being conducted by Yahoo! and hosted on Confirmit by Application Service Provider (ASP) Future Information Research Management (FIRM). FIRM does not use the information collected for any purpose. To review the FIRM privacy statement, please go to: http://www.confirmit.com/ privacy-statement.aspx
The data collected from you may be transferred to the USA and processed on behalf of and under the instruction of Yahoo! by a third-party data processorbased in the USA.
If you want to be excluded from future surveys and survey correspondence, please click here to unsubscribe.
Copyright © 2010 Yahoo! Inc. All rights reserved
Verified answer
Well, this is apparently one of the more convincing spoofing emails. Yahoo might be interested in seeing it, but they DIDN'T send it. They DON'T ask for your password. They already have it. They don't ask for personal information, they already have all they need. You might want to send this to them, but first, open the message and scroll to the bottom. On the right side, you'll see Full Headers. Click on that, then forward the email to [email protected]. If you have already been tricked into giving your password, please visit http://security.yahoo.com/article.html?a...
and follow the instructions there. Also: http://www.consumerfraudreporting.org/lo...
The text of the spam as copied seems to show no obviously dishonest links. However, my guess is that the trick is they can DISPLAY a legitimate looking link as the text over a real link that is a phishing site.
If you go to http://www.confirmit.com/privacy-statement.aspx you will find warnings by confirmit.com that there are scams. If you still have the spam, go to the link and right click. Depending on your browser select Copy Shortcut (internet Explorer), Copy Link Location (Firefox), or Copy Link Address (Chrome). Paste to your text editor. I think you will find a domain that is not confirmit.com or yahoo.com. The real link may be to some sleazy domain. Sometimes it is a legitimate domain that the spammer hacked into to plant a phishing page. A look at the homepage (if the phishing site is not the homepage) can often reveal which is which.
That is nothing but a phishing scam aimed at getting your personal data - that scam has been around a long time already! Do NOT answer, do NOT click any link, just delete the message, or you'll end up with a hacked account...:-(
♦Like I always say... "When in døubt, thrøw it øut." I wøuld just mark it as junk, ignøre it, and bløck the søurce. Yøu shøuld alsø gø tø Yahøø Security. I agree with Lucee, why wøuld Yahøø ask før yøur passwørd if they already have it.♦
~Courtni☮Lea
Survey.euro.confirmit.com
yes it is a scam - ignore it
just in case... dont sign it...