Solved

Yahoo Email Spoof

Posted on 2010-09-21
4
1,337 Views
Last Modified: 2013-11-22
Hi, I'm an IT systems admin and developer for many years, and I'm embarrassed to say my yahoo.com email address was recently spoofed. I'd like to get some idea of how this happened, and what could be done to prevent it in the future?

Everybody on my yahoo.com contact list got a message with no subject and an evil looking link. The header info shows it came from yahoo.com, and in fact it actually did, as the mails are in my Sent items. The mails were sent in the middle of the night, when all my computers were off.

AV full scans on all computers showed no problems.
Windows Defender full scans picked up nothing.
I've never clicked on any suspicious links in email.
I've never (knowingly) been phished.
I'm above-average paranoid and security conscious.

The only X factors might be that I must use Yahoo IM for work, which uses the same login as the email. And also I logon to this account using my iPhone.

Please let me know if anyone has any thoughts on this.
0
Comment
Question by:chriswight
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
jhill777 earned 125 total points
ID: 33729323
I would just change your passwords immediately.  If the emails are in your sent items then your email addy was more than spoofed.  Somebody actually used your account.
0
 

Author Comment

by:chriswight
ID: 33729983
OK, yes I figured all I could do at this point was change passwords.

Any thoughts on how this may have happened? Like I say, I'm pretty paranoid and cautious, and change passwords on a fairly regular basis.

Recently I've heard rumors of iPhone security flaws, so I wonder if that could be a factor somehow.
0
 
LVL 3

Assisted Solution

by:Richard1985
Richard1985 earned 125 total points
ID: 33734187
Hey Chris,

Logins over mobile devices are still very unsecure - specifically the I-Phones have been experiencing a lot of major issues with security being compromised.  I would continue to change your password on a regular basis. If your home setup is secure then this leaves your work setup also - is this setup secure?

I think the compromise probably occured on your Iphone.

Thanks
0
 

Author Comment

by:chriswight
ID: 33735371
Thanks, guys.

Yes, I'm fairly convinced my work PC is secure. At times it seems inconveniently secure. Anyway it uses a standard corporate build, so I have no control over it.

As I said, my home PC is pretty well locked down. I'd be surprised if it had been hacked, and I've never been victim to a phishing scam. AV and Windows Defender picked up no issues.

Since I don't use email on the iPhone very often, I might replace this account with a dummy hotmail account, create some dummy contacts, and see if it happens again.

Cheers,
Chris
0

Featured Post

ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Norton antivirus 11 80
Local Drive Access Denied 5 88
EICAR File 5 68
my niece installed an app from a dmg file should i be worried? how to find out it is not harmful? 10 39
So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question