A nice (well… no more…) friend of mine sent me a link http://www.geocities.com/joke_of_the_day_3_4/ . I unlike usual, followed that link thinking that it was what it said.
What you see there is a Login Page for using the Yahoo! Flickr service. I didn’t understand why it was there, but cause my brain wasn’t working after studying for hours, I simply put in my login and password. And guess what ??? I got suckered… It took me to some weird page…
Then I realized what a dumb thing I had done. I actually mailed my login and password to someone sitting in Japan. Had to kick myself for a while and then change passwords for all the accounts that had the same password.
Going though the page source I found that the email address getting all this info was email@example.com. Guessing by that, I am sure this nice human being has more such pages set up. Also saw that (s)he is using a CGI script hosted at www2.fiberbit.net. Checked the WHOIS Db and found it is registered to some F Bit Communications Corp in Kyoto, Japan. Anyways… have sent a few nice words to the email address above… X-(
Just to show what how the whole thing works… I have copied the source and you can goto it here on my site. I have changed the form a bit. Just enter any email (full email, not just the user-id) in the username textfield and any text you want in the password text field. After hitting submit, you can go and check the email address you provided. You will see the exact info that you provided.
I feel like such a jackass right now… Having spent almost all my time for the last so many years online, I still fell for this one… People around the world, keep getting suckered every freaking day… one really has to be very careful while browsing the www. It’s a bad bad world out there. I did go ahead and fill up a form on Yahoo! to let them know of this page. There’s a lot of shit on Geocities and Yahoo! isn’t doing anything about it… this and the fact that it took me sooo much time to find that General Abuse Form, really pissed me off.
UPDATE: my friend didn’t send it. I got it as an offline, so I assumed that he had. It is actually some sort of a virus… I am sure many people others got it too then…
ANOTHER UPDATE: Got a reply from people at Yahoo!. They have taken the necessary action, i.e. removed the site within 3 hrs of notifying them… hmm.. nice..
Thank you for informing us of possible abuse on Yahoo! GeoCities. We have investigated the site and taken the necessary action. We appreciate your concern and thank you for reporting this incident to Yahoo!.
You can still see what the page was like here.