Yahoo Messenger: Protecting Your Profile from Phishing Risks

While most e-mail users are on guard against viruses, they are far too casual about instant messages, says Sophos security analyst Greg Mastoras. "Virus writers like to exploit low-hanging fruit, and IM is a low-hanging fruit."

The scam works by sending a message from someone on a user's buddy list with a link to what appears to be a Yahoo URL, Akonix reports. Once the user enters credentials on the Web site, the attacker has access to personal information stored in the user's Yahoo Profile.