FUCK YEAH! here i cum 15yo camwhores!

http://news.yahoo.com/s/nf/20081008/bs_nf/62355

Internet and Web browser security experts are sounding the alarm about a new type of malicious attack called "clickjacking," a technique that can be used to dupe Web surfers into revealing confidential information while clicking on seemingly innocuous Web pages. Among other things, a clickjacking attack can be used to take control of a computer's Webcam and microphone without the knowledge of the user.
ADVERTISEMENT
http://us.bc.yahoo.com/b?P=5MzfL9G_Rt3ZQ1qGSMiSOQUmY5KhK0jtVeIAAFkC&T=191kcjd18%2fX%3d1223513570%2fE%3d53755120%2fR%3d news%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d4 284241546%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PS JJbnRlcm5ldDtzZWN1cml0eTtHb29nbGU7aXQ7U2VjdXJpdHk7 Z2l2ZTtkYXRhO2NvZGU7TWljcm9zb2Z0O3N0YW5kYXJkczsiIH JlZnVybD0iIiB0b3BpY3M9IiI-%2fQ%3d-1%2fS%3d1%2fJ%3d7147BFD1&U=13fedhp4c%2fN%3d2w4HCNG_XMA-%2fC%3d674272.13016813.13223597.1442997%2fD%3dLREC %2fB%3d5406809%2fV%3d1
Clickjacking has been identified as a vulnerability for the Adobe Flash player, as well as for every major browser, including Firefox, Internet Explorer, Opera, Safari and even the newly released Google Chrome.
"It is a very serious problem," said Giorgio Maone, the author of a widely praised free Firefox extension called NoScript, which blocks potentially malicious scripts from running in the Firefox browser.
"Clickjacking is a very simple attack to build, and now that the details are out, any script kid can try it successfully," Maone warned. "There's no estimate to the number of trap sites, and it's unlikely that we will see any credible report about the number of sites using this technique, because there are literally infinite ways to implement such an attack, therefore no signature-based scanning can detect it automatically."
Unauthorized Access to Information
The growing severity of the clickjacking problem was identified by Robert Hansen, CEO of SecTheory, and Jeremiah Grossman, CTO of WhiteHat Security. The two were scheduled to speak publicly about their discovery last month at the Open Web Application Security Project NYC AppSec conference in New York, but postponed their talk in order to give Adobe and browser companies a chance to come up with a solution.
Reacting quickly to the announcement, Adobe released a security advisory Tuesday, describing the threat as "critical" and instructing users on how to turn off Flash access to cameras and microphones.
"We have just posted a Security Advisory for Flash Player," wrote David Lenoe, Adobe's security program manager, on the Adobe security blog, "in response to recently published reports of a 'clickjacking' issue in multiple Web browsers that could allow an attacker to lure a Web browser user into unknowingly clicking on a link or dialog. This potential 'clickjacking' browser issue affects Adobe Flash Player's microphone and camera access dialog." Lenoe said a patch for Flash would be ready by the end of October.
Unfortunately, as Hansen and other researchers have pointed out repeatedly, Flash clickjacking is only one of the variants of this problem. In a lengthy blog posting about the issue, Hansen said that "there are multiple variants of clickjacking. Some of it requires cross-domain access, some don't. Some overlay entire pages over a page, some use iframes to get you to click on one spot. Some require JavaScript, some don't. Some variants use CSRF to preload data in forms, some don't. Clickjacking does not cover any one of these use cases, but rather all of them."
A Structural Problem of the Web
Hansen warned that it will be challenging to come up with a comprehensive solution to prevent the clickjack threat because of the nature of the code that underlies the Internet.
Maone agreed. "This problem comes from features which are integral to the modern Web as we know it," he said, "and especially from the ability of Web pages to embed arbitrary content from different sites, or to host little applications (applets) through plug-ins like Adobe Flash, Java or Microsoft Silverlight."
Maone predicted that a general browser fix won't be developed any time soon, since the real solution lies in developing a general consensus about changing existing Web standards in the various Internet standardization groups.

meh

fap

im so there

another fun one, since we're talkin tech...

SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.

You suck at quoting stories.

You suck at quoting stories.

SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.
SAN FRANCISCO - Savvy Internet users know that downloading unsolicited computer programs is one of the most dangerous things you can do online. It puts you at great risk for a virus or another time bomb from a hacker.
ADVERTISEMENT
&amp;lt;SCRIPT language=&quot;JavaScript1.1&quot; &amp;gt;&amp;lt;/SCRIPT&amp;gt;&amp;lt;NOSCRIPT&amp;gt;&amp;lt;A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=0/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;&amp;gt;&amp;lt;IMG BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;&amp;gt;&amp;lt;/A&amp;gt;&amp;lt;/NOSCRIPT&amp;gt; <IFRAME SRC=&quot;http://ad.doubleclick.net/adi/N4674.yahooadv/B3072157;sz=300x250;dcopt=rcl;mtfIFrameRequest=fal se;click=http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=2/*;ord=1223524635326881?&quot; WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'> <A HREF=&quot;http://us.ard.yahoo.com/SIG=14tk0dck3/M=688598.12914400.13207800.2498248/D=news/S=8903524:LREC/_ylt=AgT0ms8yvd0CdTZiNW0YxXVk24cA/Y=YAHOO/EXP=1223531835/L=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj./B=rTuDCNG_XMA-/J=1223524635326881/A=5492714/R=3/SIG=13blngndl/*http://ad.doubleclick.net/jump/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot;><IMG SRC=&quot;http://ad.doubleclick.net/ad/N4674.yahooadv/B3072157;abr=!ie4;abr=!ie5;sz=300x250;ord=12235246 35326881?&quot; BORDER=0 WIDTH=300 HEIGHT=250 ALT=&quot;Click Here&quot;></A></IFRAME> <img width=1 height=1 alt=&quot;&quot; src=&quot;http://us.bc.yahoo.com/b?P=fRXHLtG_Rt3ZQ1qGSMiSOQ20Y5KhK0jtgRsABMj.&T=184t6429l%2fX%3d1223524635%2fE%3d8903524%2fR%3dn ews%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d40 48700755%2fH%3dY2FjaGVoaW50PSJuZXdzIiBjb250ZW50PSJ JbnRlcm5ldDtJdDt2aXJ1cztpdDt2aWRlbzt2aWN0aW1zO2Nya W1lO3NlY3VyaXR5OyIgcmVmdXJsPSIiIHRvcGljcz0iIg--%2fQ%3d-1%2fS%3d1%2fJ%3d6E47BFD1&U=13fulcq83%2fN%3drTuDCNG_XMA-%2fC%3d688598.12914400.13207800.2498248%2fD%3dLREC %2fB%3d5492714%2fV%3d1&quot;>
But even some sophisticated surfers could get taken in by a sneaky new attack in which criminals create fake YouTube pages — dead-on replicas of the real site — to push their malicious software and make it look like it's safe stuff coming from a trusted source.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
"It's spot-on accurate, and that is scary," said Jamz Yaneza, threat research manager for security software company Trend Micro Inc. "If I were watching YouTube videos all day I would probably click on this one."
The tactic itself isn't new: There's a constant push by criminals to build more convincing spoofs of legitimate sites to trick people into downloading harmful software. And the latest attacks don't target any vulnerability in the YouTube site.
But it highlights the fact that criminals are getting better at creating bogus sites and developing so-called "social engineering" methods to fool people.
Fortunately, truly alert Internet users can still see the telltale warning signs with the fake YouTube pages. For one, the Web browser won't show the real YouTube's Internet address. And to even see the malicious page, you have to first follow a link that's sent to you, which is often a tip-off that you should independently verify whether the site is legitimate.




better?

Oh, if only these forces of evil could be turned into working toward the good of all mankind instead of spending all their time trying to defeat and breakdown a good internet system. What a waste of talent.




(I'm talking about Goat and his posting response to Pizzle's criticism.)