Brightcloud tagging Yahoo sites as Phishing and Fraud

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Brightcloud tagging Yahoo sites as Phishing and Fraud

L2 Linker

Greetings!

Today I received several helpdesk calls concerning yahoo! mail not working. Logs show that the 'yming.com' site that yahoo! uses is being flagged as a 'Phishing and Fraud' site.

I know I can report it (24-48 hour fix) and can manually unblock, but what a pain. Is anyone else seeing this issue?

6 REPLIES 6

Not applicable

I am out of the office on 5/29 and 5/30 and will be back in the office on 5/31. If you need immediate assistance, please contact the Help Desk.

L0 Member

When I load yming.com it goes to one of those pesky (probably malicious) fake search pages.  For us - haven't run into any Yahoo blocks and we are running current content.

Cheers,

Mike

Weird. I know that several of our folks had this problem, and unblocking yimg.com was the fix..

L5 Sessionator

Hi Everyone,

There was indeed an issue with a site that is associated with Yahoo Mail. 

Some quick background - mail.yahoo.com has always been correctly classified, and mail.yimg.com (which provides content for mail.yahoo.com) has always inherited its categorization from yimg.com, which has historically been categorized as internet portal.

However, a blackhole exploit and javascript used in some phishing attacks was found on the following URL on 5/16/2012:

mail.yimg.com/zz/combo?/nq/mc/15_0_2/js/yui_utils.js&/nq/mc/15_0_2/js/core.js&/d/lib/bc/bc_2.0.4.js&... on

As a result, BrightCloud changed the category for mail.yimg.com to Phishing, which then caused Yahoo Mail not to load properly if customers had a policy to blocking Phishing.

BrightCloud quickly realized this mistake and corrected the categorization for mail.yimg.com (it is now web-based email, since it is linked to mail.yahoo.com) and published a new database for it.  For those customers that were affected by this, the cache entry should automatically be corrected when you download a new BrightCloud database (this is usually done by default on a daily basis - check your software update schedule).

Hope this helps,

Doris

Thanks for great feedback! 🙂

Thanks, love to know the details!

  • 3668 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!