My Yahoo email hacked

derk

derk

derk

Soldato
Joined
18 Oct 2002
Posts
2,937
Location
Lancashire
Just got home (been gone just a couple of hours) to find a batch of failed messages apparently by me ...

qSyM2dB.png


Did a little digging and found this .....

WyFQ5yV.png


Turkey :eek: from a mobile :mad:

No way anyone knew my password, how is this possible?

Anyone else on yahoo had this?

**************************************************

EDIT: To save you reading the entire thread - if you have yahoo mail you can check recent log-in activity by doing the following....

Start up Yahoo mail.

Hover over your user icon top right.

Choose account info.

Then under 'Sign in & Security' check recent login activity.

You can also create a 'sign in seal' here too.
 
Last edited:
I'd change your password ASAP and do a virus scan.


I hope you aren't using that password for any other accounts...
 
I had a client where this happened to her,

Didn't check the log in activity but they had 200+ MailerDeamon emails, so something tasty was going on.

Changed password and recovery details, nothing since.


**Ran AVG and Maleware bytes, Reported nothing though.
 
I don't think this is that uncommon.

It happened with my gmail before and my password was just a random string of characters. My PC was also clean and I didn't tend to log in from 'dodgy' sources.

One day I noticed my account had been accessed from somewhere in the Caribbean.

Anyway, changed my password and added 2-step verification, had no problems since. Not sure if Yahoo will offer similar security, but it's a great feature of gmail!
 
Happened to my wife at the weekend. No real damage done, but still very annoying. She never uses other computers, nor doe she use the same password elsewhere. We have no idea how this happened.

Something that maybe of use is that Yahoo now hava something called "secondary verification" in Beta, though is seems anyone can make use of it. What is does is ask for additional authentication if access to your email is requested from a new IP address (might be machine, otherwise I guess mobile access would always require it). This can either be in the form of a security question, or a code sent to a registered mobile that then needs entered. Seems to work well and might prevent this happenign again. Though I'm still very uncomfortable that this happended at all.

EDIT: This hack originated from Thailand
 
Last edited:
halz said:
That's interesting.....and worrying, time to start looking for a more secure email provider I think.
Click to expand...

The question I have is where to go. Are any of the other email providers better? I wonder if Yahoo is just unlucky in being targetted this time round and that google might be next.
 
peter_hutson said:
Something that maybe of use is that Yahoo now hava something called "secondary authentication" in Beta
Click to expand...

Yes I just noticed something called a secondary seal or something but to be honest my faith in Yahoo is fading fast.

Should I go for a new provider or am I overreacting to the situation, as Peter says are the other free email services any better?
 
Change yer password and account details.
Check for auto forwarding/res[ponding in your mail options.
Checekd for linked email accounts in your acc details and change your security details.
 
There have been loads of reports of people's yahoo accounts being comprimised.
In the next few days i imagine there will be a press release with them admitting a security hole was found.
 
halz said:
Yes and no, working on it as we speak, its bleeding ridiculous the number of passwords I have to remember, I need 3 just to access my bank account....3 :rolleyes:
Click to expand...

Use something like KeePass?

halz said:
Yes I just noticed something called a secondary seal or something but to be honest my faith in Yahoo is fading fast.

Should I go for a new provider or am I overreacting to the situation, as Peter says are the other free email services any better?
Click to expand...


GMail.
 
Azza said:
Use something like KeePass?




GMail.
Click to expand...

Exactly what I was going to suggest.

Setup KeePass (http://keepass.info/) and start using GMail.

Here's why: http://lifehacker.com/keepass/
Here's alternatives: http://lifehacker.com/5042616/five-best-password-managers
Here's how to setup KeePass: http://lifehacker.com/184774/geek-to-live--securely-track-your-passwords?tag=softwaretop
Here's how to use DropBox to sync your keepass database so it's accessible everywhere: http://lifehacker.com/5063176/how-to-use-dropbox-as-the-ultimate-password-syncer
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom