Solved

Yahoo Email Spoof

Posted on 2010-09-21
4
1,334 Views
Last Modified: 2013-11-22
Hi, I'm an IT systems admin and developer for many years, and I'm embarrassed to say my yahoo.com email address was recently spoofed. I'd like to get some idea of how this happened, and what could be done to prevent it in the future?

Everybody on my yahoo.com contact list got a message with no subject and an evil looking link. The header info shows it came from yahoo.com, and in fact it actually did, as the mails are in my Sent items. The mails were sent in the middle of the night, when all my computers were off.

AV full scans on all computers showed no problems.
Windows Defender full scans picked up nothing.
I've never clicked on any suspicious links in email.
I've never (knowingly) been phished.
I'm above-average paranoid and security conscious.

The only X factors might be that I must use Yahoo IM for work, which uses the same login as the email. And also I logon to this account using my iPhone.

Please let me know if anyone has any thoughts on this.
0
Comment
Question by:chriswight
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
jhill777 earned 125 total points
ID: 33729323
I would just change your passwords immediately.  If the emails are in your sent items then your email addy was more than spoofed.  Somebody actually used your account.
0
 

Author Comment

by:chriswight
ID: 33729983
OK, yes I figured all I could do at this point was change passwords.

Any thoughts on how this may have happened? Like I say, I'm pretty paranoid and cautious, and change passwords on a fairly regular basis.

Recently I've heard rumors of iPhone security flaws, so I wonder if that could be a factor somehow.
0
 
LVL 3

Assisted Solution

by:Richard1985
Richard1985 earned 125 total points
ID: 33734187
Hey Chris,

Logins over mobile devices are still very unsecure - specifically the I-Phones have been experiencing a lot of major issues with security being compromised.  I would continue to change your password on a regular basis. If your home setup is secure then this leaves your work setup also - is this setup secure?

I think the compromise probably occured on your Iphone.

Thanks
0
 

Author Comment

by:chriswight
ID: 33735371
Thanks, guys.

Yes, I'm fairly convinced my work PC is secure. At times it seems inconveniently secure. Anyway it uses a standard corporate build, so I have no control over it.

As I said, my home PC is pretty well locked down. I'd be surprised if it had been hacked, and I've never been victim to a phishing scam. AV and Windows Defender picked up no issues.

Since I don't use email on the iPhone very often, I might replace this account with a dummy hotmail account, create some dummy contacts, and see if it happens again.

Cheers,
Chris
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
macbook with parasites / two issues 4 101
iOS vulnerability (9.3.5) 5 81
Zeus black pop up screen virus 7 64
Regedit Register where from, why everyday need to clean them  ? 13 75
12 Steps to a more secure Internet experience (http://tekblog.teksquisite.com/) Everyone who is a licensed driver initially had to pass a driving test that consisted of taking:    1. a written test    2. a road test    3. a vision test Le…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now