Yahoo Email Spoof

Hi, I'm an IT systems admin and developer for many years, and I'm embarrassed to say my yahoo.com email address was recently spoofed. I'd like to get some idea of how this happened, and what could be done to prevent it in the future?

Everybody on my yahoo.com contact list got a message with no subject and an evil looking link. The header info shows it came from yahoo.com, and in fact it actually did, as the mails are in my Sent items. The mails were sent in the middle of the night, when all my computers were off.

AV full scans on all computers showed no problems.
Windows Defender full scans picked up nothing.
I've never clicked on any suspicious links in email.
I've never (knowingly) been phished.
I'm above-average paranoid and security conscious.

The only X factors might be that I must use Yahoo IM for work, which uses the same login as the email. And also I logon to this account using my iPhone.

Please let me know if anyone has any thoughts on this.
chriswightAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
jhill777Connect With a Mentor Commented:
I would just change your passwords immediately.  If the emails are in your sent items then your email addy was more than spoofed.  Somebody actually used your account.
0
 
chriswightAuthor Commented:
OK, yes I figured all I could do at this point was change passwords.

Any thoughts on how this may have happened? Like I say, I'm pretty paranoid and cautious, and change passwords on a fairly regular basis.

Recently I've heard rumors of iPhone security flaws, so I wonder if that could be a factor somehow.
0
 
Richard1985Connect With a Mentor Commented:
Hey Chris,

Logins over mobile devices are still very unsecure - specifically the I-Phones have been experiencing a lot of major issues with security being compromised.  I would continue to change your password on a regular basis. If your home setup is secure then this leaves your work setup also - is this setup secure?

I think the compromise probably occured on your Iphone.

Thanks
0
 
chriswightAuthor Commented:
Thanks, guys.

Yes, I'm fairly convinced my work PC is secure. At times it seems inconveniently secure. Anyway it uses a standard corporate build, so I have no control over it.

As I said, my home PC is pretty well locked down. I'd be surprised if it had been hacked, and I've never been victim to a phishing scam. AV and Windows Defender picked up no issues.

Since I don't use email on the iPhone very often, I might replace this account with a dummy hotmail account, create some dummy contacts, and see if it happens again.

Cheers,
Chris
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.