The Rolling Stones  

Home  Top Stories  Sports  Entertainment  Health News  Business  Personal Finance 
Real Estate  Business Finance  Insurance  Consulting 
Tax News  Forum




Featured Articles





Identity Theft Book



Yahoo Accused of Hosting Spam and Phishing Sites by Spamhaus

September 6th 2005

Yahoo Accused of Hosting Spam and Phishing Sites by Spamhaus

The Spamhaus Project

Spamhaus made a claim that Internet giant Yahoo! hosts thousands of phishing websites.  The press was given examples of some words including Bank, Paypal, and eBay.  Here is how the fraud works.  An email may prompt a user to click on a website called to updated your personal information.  The email recipient may click on the link and become a victim of identity theft fraud after providing the private information. 

We asked Steve Linford at Spamhaus how Yahoo compares to other hosting companies.  He told Best Syndication "Other web hosts, especially the large firms, have abuse departments that react quickly when notified of spammers on their networks. It is very rare for example for a bank phishing site to remain active on Verio, Godaddy, etc., as they react quickly as soon as they're notified of spam sites. The problem with Yahoo is that they react slowly, if at all, and the spammers (and in particular the phishers) therefore see Yahoo as a safe place to put such sites."

Steve went on to tell us "When Internet users complain to Yahoo, they are too often told "the spam did not originate from Yahoo so we can't do anything" ignoring the fact the spam is advertising a live bank phishing site hosted by Yahoo's web hosting service which, for every hour it is left up and running is emptying the bank accounts of thousands of people who believe it is their real bank asking for their account passwords."

Spamhaus provides a spam blocking service for about 480 million mailbox users around the world.  They already have about 20 entries relating to Yahoo! on their block list (SBL).

Yahoo! does not operate the websites but only provides the servers where these domain names are housed.   According to Spamhaus Yahoo does not have a sufficient staff to address the problem of online fraud. 

According to Richard Cox, chief information officer for Spamhaus, Yahoo hosts just under 5000 domain names with the words Paypal, bank and eBay incorporated in them.  ZDnet reported that Cox told an audience of security experts and politicians that most of these sites are used as phishing sites at the eConfidence, Spam and Scams conference.

Most of these domains are registered in the US.  It may be hard for Yahoo to take action until the domains are used in a phishing attack.  According to TechWhack Cox said “They are hosted on Yahoo! I just took three hot words, but there are dozens of others including misspellings. They are mostly phishing websites, which shows that the situation is out of control.”

When asked whether a spammers domain be suspended a Spamhaus source replied "Yes! They need an anti-spam AUP (Abuse Control Recourses) which they can enforce. And some do. To lock the domain, registrars must first put it on "REGISTRAR-HOLD" and at the same time, change the listed namesevers to ones that return no, or a null, result. To further lock down a spammer's domain, a registrar can update the domain's email contact addresses to some catch-all mailbox of theirs (eg. account_frozen_spammer@registrar.tld). "


Yahoo! is a major player in the web hosting business so it is expected that they would be singled out.  Spamhaus claims that they have “intimated” Yahoo! many times but failed to get any changes.  Yahoo was unavailable for comment about this story.

If you have any comments or an article of your own we would like to hear it.  Submit your comment or article

Related Articles

By Dan Wilson
Best Syndication Staff Writer

  Anti-Spam Software

Keywords and misspellings:  spamhaus spamhause spamhouse yahoo domain domane phishing phish phisher fishing pfishing


About   Contact   site map

Copyright 2005 Best Syndication                                            Last Updated Saturday, July 10, 2010 09:45 PM