Solved

Yahoo Email Spoof

Posted on 2010-09-21
4
1,330 Views
Last Modified: 2013-11-22
Hi, I'm an IT systems admin and developer for many years, and I'm embarrassed to say my yahoo.com email address was recently spoofed. I'd like to get some idea of how this happened, and what could be done to prevent it in the future?

Everybody on my yahoo.com contact list got a message with no subject and an evil looking link. The header info shows it came from yahoo.com, and in fact it actually did, as the mails are in my Sent items. The mails were sent in the middle of the night, when all my computers were off.

AV full scans on all computers showed no problems.
Windows Defender full scans picked up nothing.
I've never clicked on any suspicious links in email.
I've never (knowingly) been phished.
I'm above-average paranoid and security conscious.

The only X factors might be that I must use Yahoo IM for work, which uses the same login as the email. And also I logon to this account using my iPhone.

Please let me know if anyone has any thoughts on this.
0
Comment
Question by:chriswight
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
jhill777 earned 125 total points
ID: 33729323
I would just change your passwords immediately.  If the emails are in your sent items then your email addy was more than spoofed.  Somebody actually used your account.
0
 

Author Comment

by:chriswight
ID: 33729983
OK, yes I figured all I could do at this point was change passwords.

Any thoughts on how this may have happened? Like I say, I'm pretty paranoid and cautious, and change passwords on a fairly regular basis.

Recently I've heard rumors of iPhone security flaws, so I wonder if that could be a factor somehow.
0
 
LVL 3

Assisted Solution

by:Richard1985
Richard1985 earned 125 total points
ID: 33734187
Hey Chris,

Logins over mobile devices are still very unsecure - specifically the I-Phones have been experiencing a lot of major issues with security being compromised.  I would continue to change your password on a regular basis. If your home setup is secure then this leaves your work setup also - is this setup secure?

I think the compromise probably occured on your Iphone.

Thanks
0
 

Author Comment

by:chriswight
ID: 33735371
Thanks, guys.

Yes, I'm fairly convinced my work PC is secure. At times it seems inconveniently secure. Anyway it uses a standard corporate build, so I have no control over it.

As I said, my home PC is pretty well locked down. I'd be surprised if it had been hacked, and I've never been victim to a phishing scam. AV and Windows Defender picked up no issues.

Since I don't use email on the iPhone very often, I might replace this account with a dummy hotmail account, create some dummy contacts, and see if it happens again.

Cheers,
Chris
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now