Hello , !
Just click here to receive your FREE YAHOO EMAIL Account!
Ok so it is just a small variation on the greeting card theme (although they haven’t bothered to change the file being downloaded). The main difference is the message, and rather than using HTTP to deliver the file the link is an FTP link along these lines ftp://username:firstname.lastname@example.org/private/postcard.pif
Connecting to 82 .bbb.ccc.ddd:21... connected.
Corporates typically block outbound FTP so most of you should be OK at work. Home users however may end up with a little surprise. The file downloaded should be reasonably well detected by most AV products. The few sites I checked already had the file pulled (or not yet placed there).
It is a fairly trivial thing. The only reason I mention it is because, like no doubt a fair number of you, I looked at it and went “mmm, interesting that Yahoo is going down the invite path, just like google” and I opened the message to have a look. So the message is reasonably effective at first glance.
From a broader perspective, there seems to be no lack of FTP servers connected to the internet that have been or are being compromised. If you run an internet facing FTP server, when was the last time you checked the logs and the users defined?
Mark H - Shearwater
Jun 1st 2008
1 decade ago