Phishing: Watch those URLs

Today in my Yahoo! mail account:

Yahoo

If you click that “Sign In” link, you get taken to

http://www.oficinadentalpr.com/includes/drpbx/db/obfuscated.php

which is apparently a dental office in Brazil. (I tried contacting them to let them know that their website had been compromised, but their contact page seems to be malfunctioning.)

Edit: As of today, the entire “Oficina Dental” account has been suspended. Either they got infected and their ISP suspended them on general principles, or the whole page was a sleazy front for this scam operation. We’ll never know.

At any rate, this is what you get:

Yahoo2

Which leads you to the regular “Enter your critical personal information and credit card and bank data” page.

The ongoing lesson: Don’t click embedded links in emails. Just don’t.

The Old Wolf has spoken.