Here’s what happens when the witless victim clicks the link in the spam to open that spiffy new Yahoo e-mail account:

  1. Link redirects victim through Google, ZDNet or Cnet several times.
  2. Victim winds up at the phisher’s pseudo-Yahoo web-site.
  3. Fake site triggers the real-life Yahoo email sign-up form.
  4. When victim completes the form, phishers control a brand-new account.

Why bounce through the Big Guys? Probably to make filters think the traffic is coming from sources that you simply can’t afford to block.

Why would anybody click a link in a spam? Inferior email content filtering, along with poor training. You can avoid a whole lot of training by installing professional filtering equipment.

See for yourself at ZDNet.