[heiker]

I know of three Yahoo Mail Accounts that have been hacked in the last couple of days. If you've got a Yahoo Account then change your password to something really complicated.

[psionic]

Quite a few mentioning problems with BTyahoo mail lately. http://forums.digitalspy.co.uk/showthread.php?t=1803444

[heiker]

Quote:

Originally Posted by psionic

Quite a few mentioning problems with BTyahoo mail lately. http://forums.digitalspy.co.uk/showthread.php?t=1803444

Just googled "Yahoo Hacking". Looks like this has been going on for months. Checked my Yahoo Login Activity, my hacker based in Thailand.....I've even got the bastard's IP Address

[albertd]

Quote:

Originally Posted by heiker

....my hacker based in Thailand.....I've even got the bastard's IP Address

It is quite possible that the user in Thailand doesn't even know that their IP is being used as they are very probably a victim of a hacking attack themselves and their computer is being used by the hackers.

[chrisjr]

Quote:

Originally Posted by albertd

It is quite possible that the user in Thailand doesn't even know that their IP is being used as they are very probably a victim of a hacking attack themselves and their computer is being used by the hackers.

Or the hacker is sitting in a bedsit in Slough and using a proxy server in Thailand to hide his activities. Plenty of ways to hide where you really are if you have the knowledge.

[heiker]

Looks like this problem is down to the fact that Yahoo left the back door wide open. Spoke to someone this morning who was hacked last night and they confirmed that they were using a long complicated password for their Yahoo Account.

[hxbro]

I'm getting lots of spam from yahoo accounts

[koantemplation]

A friend's yahoo account was hacked, they only found out when I told them I had a spam email from them.

[flagpole]

it's more likely to be the password reset procedure that is at issue than the password.

there is no point having a long complicated password if your security question is what is your favourite colour.

[heiker]

No point in having two threads open. Suggest you post on:

http://forums.digitalspy.co.uk/showthread.php?t=1803444

[cnbcwatcher]

Just checked my login activity. Last login was from Ireland, where I am. That means mine is ok.

[koantemplation]

Quote:

Originally Posted by cnbcwatcher

Just checked my login activity. Last login was from Ireland, where I am. That means mine is ok.

How do you check for your login activity?

Edit: It's OK I've found it.

[plugs13amp]

For those that can't find / haven't found the login activity page, go here

[emptybox]

Somebody seems to have logged into mine from Uruguay.

Changed the password, but not sure how much damage has been done?

[DJW13]

My mysterious logger-in this morning was from Belarous. Hopefully no-one who received the unexpected message from me will have opened the link in the message!

I've changed my password - I assume there is nothing else I can do? I can still receive messages, but Yahoo has blocked my account from sending more for the moment. They say they might block the account for up to 48 hours, so I'll just keep trying.

[Stig]

Did those of you who were hacked have a simple dictionary word as a password?

It would be interesting to know how they are doing it.

[heiker]

Quote:

Originally Posted by Stig

Did those of you who were hacked have a simple dictionary word as a password?

It would be interesting to know how they are doing it.

I originally had a 7 character noun plus 3 numerics password. However, I'm convinced that they are not working out passwords to gain entry. This is entry via a back door that Yahoo left wide open.

[NoseyLouie]

That's worrying, I checked mine but all seems ok, I changed my questions and password anyway...

[OMTT]

This happened to me earlier in the week. I only found out the next morning when I had over 50 emails in my inbox from mail daemon saying I had failed emails etc but when I checked the sent items, they weren't showing. I've also had an increase in spam in the time since.

I changed my password straight away & I just clicked on the link above to see where I had been signed in & I was signed in twice in Thailand within a minute on both PC & mobile

[s2k]

I updated my password a few days ago as a precautionary measure. Strangely enough it doesn't allow you to use any special characters in your password so its hardly surprising accounts are getting hijacked.

[emptybox]

Quote:

Originally Posted by Stig

Did those of you who were hacked have a simple dictionary word as a password?

It would be interesting to know how they are doing it.

Quote:

Originally Posted by s2k

I updated my password a few days ago as a precautionary measure. Strangely enough it doesn't allow you to use any special characters in your password so its hardly surprising accounts are getting hijacked.

Simple passwords would only be an issue if Yahoo allowed unlimited attempts without lock-up, whereas your account locks up for a few hours after the fourth wrong attempt.

Also, as well as a password, they use a captcha code, so that should stop somebody using automatic software?

[DJW13]

I was relieved to find this morning that there were no more fake messages and that I can now send e-mails again.

I was asked for a captcha code before sending it though and it remains to be seen whether I will always have to provide one in future, or whether this was just a one-off to ensure that a human was back in charge.

[Thine Wonk]

It is likely people using the same yahoo login and password on a service that has been hacked like Evernote was, and then those accounts being abused on Yahoo. That or silly questions and answers on password reset.

[emptybox]

Quote:

Originally Posted by DJW13

I was relieved to find this morning that there were no more fake messages and that I can now send e-mails again.

I was asked for a captcha code before sending it though and it remains to be seen whether I will always have to provide one in future, or whether this was just a one-off to ensure that a human was back in charge.

I'm finding that Windows Live Mail won't log into Yahoo to fetch mail. It just keeps asking for my new password.
Logging into the Yahoo site is fine.

Luckily I only use Yahoo as a secondary email address, and I don't have any contacts for them to send mail to, if I'm hacked again.
I think I'll just abandon it as a bad job.

And to Thine Wonk, I'm not registered to Evernote, or any other service that's been hacked (as far as I know?), and my password reset question is not one that could be easily guessed or found out. So I don't think that's how it's been done?

[Thine Wonk]

Quote:

Originally Posted by emptybox

I'm finding that Windows Live Mail won't log into Yahoo to fetch mail. It just keeps asking for my new password.
Logging into the Yahoo site is fine.

Luckily I only use Yahoo as a secondary email address, and I don't have any contacts for them to send mail to, if I'm hacked again.
I think I'll just abandon it as a bad job.

And to Thine Wonk, I'm not registered to Evernote, or any other service that's been hacked (as far as I know?), and my password reset question is not one that could be easily guessed or found out. So I don't think that's how it's been done?

You say that, but thousands of sites people visit have been hacked, there's every chance you used that Yahoo email address and the same password at a random site that got hacked.

That's why you should:

Use a complex password at least 9 characters long, that means if they get your hashed password from the database of the hacked site it'll take a long time to work out what it was.

Use unique passwords for sites by using a password manager either in your browser to remember it or Lastpass or Keypass.

Consider changing high security passwords like your email account once every 3 months, remember your email is the key to resetting ALL other accounts out there. It needs to be as secure as your online bank or Paypal. These should have at least 9 character passwords, unique and be reset once every 3-6 months.

Password reset answers are a real weakness and you should consider making them more complex. Enable 2 factor auth if available, such as google sending you an SMS code in order to reset your password - they offer this.

Gone are the days of 'apples21' being acceptable. They'll find a vulnerable site, sql inject or extract the database contents, in some cases they'll need to rainbow table the passwords to work out what they were and this can take time. They will then sort the accounts into their associated webmail services, script to test which work and which don't and then sell the working ones.

If you're lucky it'll just get used for spam, if you're very unlucky somebody will search the email to find what services you use, steam, google play etc reset the passwords for those and then sell those credentials. Play accounts go for £100, so you can see why they are motivated to do all this work.