Once a user enters their Yahoo ID and password, the information is then sent to a third party, which may use it for other purposes.
The phishing website is propagated via messages sent over Yahoo instant messenger that include no information beyond the link https://geocities.yahoo.com.br/forun_amex/login.html. All users should avoid clicking on this link.
Trend Micro Australia and New Zealand senior systems engineer, Adam Biviano, says: 'This address could be closed at any time, with a new address replacing it to continue deceiving users. Online phishers are just like con artists on the street; they set a trap to deceive a large number of people each time. They continuously shut down their traps and quickly switch to other providers to avoid being caught.'
The phisher's hypothesis states that URLs used can only exist for approximately 52 hours. According to Aniphishing.org, phishing URLs last an average of 5.8 days, with the longest length of time being around one month.
The Yahoo Game phishing site even displays copyright and privacy statements, making it very difficult for the average person to determine its authenticity.