A new phishing attempt to steal Yahoo! login credentials has been discovered and has been floating around for a while. The said page is hosted by – ironically – Yahoo! Geocities, and this time it is hosted in Brazil (the usual targets of BANCOS spyware are Brazilian banks).

By conjecture, it can be said that the said page has stolen a lot of login credentials already. When visited, the Page Unavailable page appears; either the user has removed the said page, or it has exceeded the monthly bandwith quota.

So if someone spammed you the link http://geocities.yahoo.com.br/hstrial_poolgames/login.html (either via email or IM), please disregard the said message. Or if you wish, you can visit and log in, AT YOUR OWN RISK. (That is, if the page is not taken down permanently.)

Stealing at Christmas? BAD!