Menu
 Home
 Local News    
 Global News
 Technical & Product News
 Opinions
 Contact Us
 Subscribe/Unsubscribe
 
 Publications
 ICT World
 Cable Talk
 Computing S.A.
 Network World
 The Channel
 IT users handbook
 
 Sponsors
 ICT World Company Directory
 
 Partners
 CareerJunction
 Johnnic Mag Division
 
 Privacy Policy
 Privacy Policy
 
   
   

Yahoo tests anti-phishing service

Date: 23 August 2006
Issue: Two hundred (21/8/06 - 25/8/06)
(ICT World)
Category: Global News
Juan Carlos Perez, IDG News Service (Miami Bureau)
Yahoo is testing a security service designed to prevent Web surfers from landing on sites that look like they are from Yahoo but that are fake ones set up by fraudsters to carry out phishing scams.

The service lets users know if they have landed on a legitimate Yahoo sign-in Web page, preventing them from entering their Yahoo ID and password on a phishing site.

The service, which can be found at and currently supports only US Yahoo Web sites, is being tested and has not been officially announced yet, a Yahoo spokeswoman says.

Phishing is a monumental online security problem. Scammers set up legitimate-looking Web sites from well-known companies, such as banks, online stores and Web portals, and try to lure people to them via e-mail and other methods. The idea is to trick people into entering sensitive information, such as passwords and credit card numbers, into the sites, for malicious purposes, such as ID theft and fraud.

Each Yahoo sign-in seal is associated with an individual computer, so users need to install it on every computer they use. Once installed, the seal will appear on Yahoo sign-in screens, letting users know the site is genuine. Creating a seal involves either entering some text terms or uploading an image. The text or the image are displayed in the seal, which will only appear on Yahoo sign-in screens and thus offers no protection on sites from other companies.

Yahoo cautions that there are reasons why the seal may not appear on otherwise genuine Yahoo sign-in pages. "For example, someone else using your computer may have deleted or changed your seal, your cookies or files on your computer may have been deleted, or you are using a partner or international Yahoo site," Yahoo's site reads. "To be safe, look for these other clues to make sure that you are on a genuine Yahoo sign-in screen."

If the computer is shared among family or friends, it is a good idea to show everyone the sign-in seal so that they recognise it. For computers in public places, like libraries, the sign-in seal should be created by in-house administrators, and not by visiting users, according to Yahoo.