Yahoo Accused of
Hosting Spam and Phishing Sites by Spamhaus
September 6th 2005
Spamhaus made a claim that
Internet giant Yahoo! hosts thousands of phishing websites. The
press was given examples of some words including Bank, Paypal, and
eBay. Here is how the fraud works. An email may prompt a user to
click on a website called yourBank.com to updated your personal
information. The email recipient may click on the link and become a
victim of identity theft fraud after providing the private
We asked Steve Linford at Spamhaus how Yahoo
compares to other hosting companies. He told Best
Syndication "Other web hosts, especially the large firms, have
abuse departments that react quickly when notified of spammers on
their networks. It is very rare for example for a bank phishing
site to remain active on Verio, Godaddy, etc., as they react
quickly as soon as they're notified of spam sites. The problem
with Yahoo is that they react slowly, if at all, and the spammers
(and in particular the phishers) therefore see Yahoo as a safe
place to put such sites."
Steve went on to tell us "When Internet users complain to Yahoo,
they are too often told "the spam did not originate from Yahoo so
we can't do anything" ignoring the fact the spam is advertising a
live bank phishing site hosted by Yahoo's web hosting service
which, for every hour it is left up and running is emptying the
bank accounts of thousands of people who believe it is their real
bank asking for their account passwords."
Spamhaus provides a spam
blocking service for about 480 million mailbox users around the
world. They already have about 20 entries relating to Yahoo! on
their block list (SBL).
Yahoo! does not operate the
websites but only provides the servers where these domain names are
housed. According to Spamhaus Yahoo does not have a sufficient
staff to address the problem of online fraud.
Richard Cox, chief information officer for Spamhaus, Yahoo hosts
just under 5000 domain names with the words Paypal, bank and eBay
incorporated in them. ZDnet reported that Cox told an audience of
security experts and politicians that most of these sites are used
as phishing sites at the eConfidence, Spam and Scams conference.
Most of these
domains are registered in the US. It may be hard for Yahoo to take
action until the domains are used in a phishing attack. According
to TechWhack Cox said “They are hosted on Yahoo! I just took three
hot words, but there are dozens of others including misspellings.
They are mostly phishing websites, which shows that the situation is
out of control.”
When asked whether a spammers domain be suspended
a Spamhaus source replied
"Yes! They need an anti-spam AUP (Abuse Control Recourses)
which they can enforce. And some do. To lock the domain,
registrars must first put it on "REGISTRAR-HOLD" and at the same
time, change the listed namesevers to ones that return no, or a
null, result. To further lock down a spammer's domain, a registrar
can update the domain's email contact addresses to some catch-all
mailbox of theirs (eg. firstname.lastname@example.org).
Yahoo! is a major
player in the web hosting business so it is expected that they would
be singled out. Spamhaus
claims that they have “intimated”
Yahoo! many times but failed to get any changes. Yahoo was
unavailable for comment about this story.
If you have any comments or an article of your own
we would like to hear it.
Submit your comment
Best Syndication Staff Writer
Keywords and misspellings: spamhaus
spamhause spamhouse yahoo domain domane phishing phish phisher