A vulnerability in Yahoo's instant messaging software could leave you open to phishing attacks, according to security experts.
Symantec said that it has received a number of reports that Yahoo Messenger users have unwittingly provided their login details to spoofed webpages that are designed to steal the information.
The information is then used to access contact lists so further messages with links to the fake webpage can be sent to others.
As the messages appear to be coming from people on your contact list individuals are more inclined to trust them.
"This phishing attack will attempt to use valid Yahoo accounts so that messages received will appear to come from your trusted contacts. Symantec advises caution when receiving Yahoo instant messages containing URL links in the text, especially any links that require a user to log in to another website," Symantec said in a statement.
http://www.symantec.com/
Topic: Yahoo Messenger flaw found (Read 518 times)