Philanthropist Phisher Gives Bogus Yahoo Prize from Gmail Account

Bitdefender Labs spotted a new wave of phishing e-mails targeting the Irish and British. Users are supposed to send their personal information to pick up the bogus Yahoo prize from a manager registered at rival e-mail service, Gmail.

Soon after the breach that made 453,000 Yahoo Voice credentials vanish, cyber-crooks started targeting Irish and Brits with an old lottery phishing technique. Victims receive an empty e-mail, allegedly coming from a Gmail account of Yahoo prize’s manager.

When opening the attachment, victims find a phony Yahoo UK & Ireland letter that asks for all sorts of identity theft goodies such as full name, contact address, e-mail, phone and fax number. To make the scam look more legit, unwary users are also asked to fill in the batch, reference and winning number included in the letter.

Computer users who do send their private data never see the EIGHT HUNDRED & TWENTY THOUSAND GREAT BRITISH POUNDS, but their bank accounts could get cleaned out in a couple of minutes.

Though Yahoo Lottery Scams have made it to phishing history books, users are still getting tricked by these old techniques. The risk of phishing and malware attacks also increases after large data breaches such as the recent Yahoo, LinkedIn, and eHarmony hackings.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Ionut Raileanu, Bitdefender Spam Analyst.