By the time I got home I had a raft of legitimate emails from friends and family suggesting my account had been compromised and some reporting that the links embedded in the emails being sent out were being flagged by anti-virus programs as containing malware. I also had an email apparently from Yahoo suggesting that someone in Italy had logged on to my mail account and suggesting I use a link in the email to change my password. I was relatively unconvinced by the Yahoo email as the address looked a little suspicious - the address was yahoo-inc from memory - so I deleted that one, although I now have reason to believe it was legitimate. I deleted all suspect emails from my tablet, then hopped onto my laptop and changed my password.
Then when I mentioned this in work I discovered that other people I know, some in my address book, some who have never been near it, have experienced the same issue over the last month. The only common denominator is that they have Yahoo accounts. Some may have had easily hackable passwords - others, including myself, had suitably complex passwords. Most now have much more complicated passwords to add a layer of difficulty for those who pass their time hacking accounts.
But was the account hacked at all? Well, certainly somebody gained access to the account as they gleefully used it to email malware to persons in my address book. However, I'm unconvinced that the number of persons I know locally who have had their Yahoo accounts compromised recently is a coincidence. Perusal of the web suggests that since January there have been a lot of Yahoo customers who have had their accounts hacked. My unproven theory is that Yahoo themselves have had their security breached.
It makes sense for a hacker to put in the extra work needed to compromise the likes of Yahoo rather than trying to crack individual accounts piecemeal. Even if a hacked file is encrypted, it's one big job to break it rather than lots of smaller jobs to break into individual accounts.
It's a bit of a growth industry, this hacking lark. And sometimes it seems that the criminals don't even need to hack a password to slip malware into people's email. I've had a run of 'comments' posted by anonymous visitors to this blog recently. Apart from all being anonymous the other common thread has been the insertion of a link 'to their website'. Some attempt to massage my ego with kind words and slip a link in at the end, others offer to help me improve my blog and slip a link in to supplement the unsolicited advice. Now I'm assuming that these links might be suspect - there's no way I would ever click on an unsolicited link provided by an anonymous person - and consequently I delete these comments along with their links from the blog. Don't get me wrong - if you want to make a comment about the blog, even if it is unflattering advice, then I'm happy for it to be posted. But don't slip a link on the end of the comment if you want me or anyone else to read your comments. OK, I'll see the comment, but if the posting has a link then I'll ditch the whole kit and caboodle, in a heartbeat. Apart from anything else, I don't want any reader of my blog inadvertently being infected or scammed as a result of reading my posting.
As a result of these tainted comments, I now moderate any comments before they hit the blog.
The obvious question I have been asked by some of the less tech-savvy victims of these Yahoo hacks is about the purpose. What are the hackers hoping to achieve? Well, short of trying one of the suspect links, I have to guess a little here, but my best guess is that the links either insert keystroke logging malware, or otherwise try to persuade the recipients of the emails to enter their personal details - you know, name, address, date of birth, ATM PIN, mother's maiden name, favourite bank (easy one that - none of them). The second approach is called phishing, and it's attempted all the time, all over the place.
In fact, some kids in Alaska have just been caught out running a phishing scam at their school. The thirteen- and fourteen-year-olds, obviously smart, managed to send their teachers a phishing email that extracted the teachers' login details. They then used that information to access the student records. The scam worked because the teachers, who probably resist phishing attempts all the time at home, felt they were safe within the school network so their guard was down.
Which is why scammers like to send people in your address book phoney emails that look like they're from you. Luckily most of these scammers aren't anywhere near as bright as the average Alaskan school-kid - they've got a lot to learn from those kids who succeeded where many thankfully fail.
So if you have a Yahoo email account - including the alternative suffixes such as rocketmail - then there's reason to believe that your details may have been compromised. My advice is to run, not walk, to your settings and change the password - make it complex enough to be hard to guess, use numbers, letters and symbols, but make it easy enough for you to remember when sober. Me, I use numbers, letters not in the alphabet and a squiggle that represents infinity minus the date of my last dental appointment. Hack that if you can (oh shit, my dentist reads this blog). Of course, the compromise I experienced may have been a good old fashioned laborious hack of my password, trying random combinations of letters and numbers one-by-one, but given the number of people I know to have experienced the same recently, I'm not convinced.
If you have experienced your email account being hacked, please feel free to post a comment at the foot of the page. But don't insert a link if you want anybody else to read it!
Follow me on Twitter - @RayASullivan