New threat for Yahoo/AT&T/ email users

Yahoo! Hacks


In the past few weeks, we’ve been seeing a large and increased amount of hacks of Yahoo email accounts, and the end user doesn’t even know it. This is not just for people with @yahoo email address but also sbcglobal, att and any email service that uses the yahoo interface.

The scam goes something like this:

1) People you’ve conversed with in the past get an email from you with no subject or a cryptic subject. You are curious and open it

2) Typically the other recipients of the message are people you know

3) Inside the message is a link along with (possibly) an endorsement of a product. The product I’ve been seeing advertised the past few weeks is a weight loss product

How do you know you’ve been hacked?

The best way to know is by others reporting it to you. A friend will see an email from you and it will usually make it through the spam filters because, well, it was from someone they know. The spammers know this is a great way to get people to read the emails. Moreover, they realize since you know the sender, recipients are more likely to open the message and click on the link. Don’t.

Typically the forces of evil out there will change the password to an email account so that way they lock you out while they start spamming your friends. The problem with that strategy is they get shut down quickly and the victim changes the email password. Then they have to hack another account. The “wise” hacker doesn’t change the password thereby allowing more time before the end user catches on. Devious.

A few tell tale signs I’ve seen in the past few weeks might help you determine if your account was hacked.

First, you’ll notice large gaps of missed items in sent email. Here is an example. The hackers deleted their tracks but were a bit too aggressive and deleted other emails in the process. They also emptied the trashed items (most people don’t empty their trash)

Another way to know is to see where your account was accessed. I wish I could tell you an easy way to find this information, but it depends greatly on how you access Yahoo and who your ISP is, but usually if you go to and search for “login activity on your account”, you can find the link. I’ve been able to get to it recently by following the instructions on this link and this link works on some accounts. Notice when you get to the login activity pages (picture) there are logins from India, Virgina and Malaysia, though the client lives in Kansas City. This means a hacker outside the country got their password. Typically this does not mean the computer has a virus since these logins were from somewhere else.

Why did this happen?

I don’t know. Typically it’s because the passwords were easy to guess. Computers can try every word in the dictionary and easy combinations of things and try to break in. Your password should be a combination of letters and numbers and avoid words in the dictionary. Here is a good link on password creation.

Another possibility is you clicked on a link that made you think you were logging into your Yahoo mail when in fact it was a rogue of “phishing site”. These are increasingly common, especially if you don’t use a link from your favorites or bookmarks to get to your email.

Some users have reported using their browser at a hotel kiosk or other public place. The problem with logging into email at a public computer is you don’t know what the person before your or after you has done with the computer and they may have installed password stealing software.

Finally, and what I think may be a key reason, is high-profile hacks of websites such as Linked In, Gawker, Zappos and countless others. Hackers know that people tend to use the same password in multiple places so if they got your password from one of those services, they might have assumed that your login for Yahoo was the same (and let’s face it, for most of us, it very may well be.

How to fix and prevent this

Some of the age old security advice you hear again and again holds true here. Make your passwords difficult to guess, change them often, and don’t use the same password everywhere. Since not all of us follow that advice, Yahoo has a few more options.

First, they give you the option of a “Sign-In Seal” that allows you to use a visual ID to verify your account. A hacker won’t know that that is a picture of Sally your dog Fido so they’ll be unable to access your account. Sure, it’s an extra step, but choose a fun picture you’ll enjoy seeing. You change the background on your smart phone to a favorite picture so do the same here.

Another great option is to create a second email address that you can be contacted with. If you have a Yahoo email, use a Gmail or a Hotmail address. Just make it so that way if you get locked out, Yahoo has a way of contacting you.

The final and best option Yahoo gives you is add a mobile phone number to your account. They’ll text you if you get locked out of your account.

If you know of someone who has had their Yahoo email hacked, then be sure to forward them this post so they know what to do and how to prevent it for the future.

UPDATE: Due to the popularity of this post I’ve written two tutorial videos of your to protect your Yahoo account via a Sign in Seal and Two Factor authentication. Here are the videos

Tags: , , ,

26 Responses to "New threat for Yahoo/AT&T/ email users"

  • Evelyn Davis says:
  • Vicky says:
  • dgreenbaum says:
  • Bill says:
  • Bob O says:
  • thomas says:
  • Rafiq says:
  • dgreenbaum says:
  • Kim Whiteurst says:
  • Mbruce says:
  • shamsher says:
  • Data Double says:
  • Maui says:
  • boomer says:
  • dgreenbaum says:
  • Missy says:
  • Katherine says:
  • Richard Schneider says:
  • Frank says:
  • Denise S. says:
  • Judy Lynne Lynn says:
  • alert says:
  • wallace diskin says:
  • Gladys says:
Leave a Comment

Copyright © DoctorDave Computer Repair in Lawrence Kansas |   intrepidity Theme by Top Blog Formula on WordPress |   Log In