Yahoo has releasead a statement claiming that users of Yahoo Messenger have received a flurry of increasingly sophisticated phishing attempts by hackers who are attempting to discover confidential account information by exploiting security flaws in the instant messaging service. The initial attack comes in the form of an unsolicited Instant Message that directs the user to a phoney Yahoo! webpage which then requests that they login with their user name and password. And while the phishing attacks are generally easily recognized as unkown/unsolicited IM’s, it is believed that hackers will soon be able to use existing buddy lists to pose as a known contact.
Francis Costello, chief marketing officer of Akonix Security Systems, said, “With this year’s explosive growth in IM worms and attacks, organizations can no longer afford to leave their IM users unprotected and unmanaged.”
“Phishing scams target sensitive data access utilizing unsuspecting employees, and worms can quickly compromise entire networks. Akonix provides the tools that allow organizations to continue to realize the productivity benefits and cost savings of IM while insulating their employees,” he added.
Yahoo needs to move quickly on increasing the security of their messenger systems as these types of attacks can rapidly get out of control, as did the worm that infected MSN messenger service last March and gave hackers remote control over host computers.