Websense Security Labs has received several reports of a new phishing attack that targets Yahoo! customers. Users receive a message through Yahoo! Instant Messenger, enticing them to access a website with “click on this website.”
Upon clicking on the website, users are forwarded to a fraudulent website, which is hosted in the United States and was up at the time of this alert. It requests their Yahoo! Photos username and password. Once users have entered their username and password, they receive an error message that their email account was incorrect, at which time the account information is forwarded to a third party and the end-users’ account information could then be compromised.
Read more at Websense