Email: possibly get hacked?

Posted on 2014-03-12
Last Modified: 2014-03-16

I have a yahoo email. It is possibly get hacked? (This is the 2nd time)

A friend sent me the notice or reply like this:
- A lot of my address book are being seen in the email
- And there is a link to the web site like this -->  ***** Note that this is a scam site, enter it at your own risk,  MIT********

My questions:
What should I do?
I did change the password last week (After I changed the password, it seemed solving the problem; but just this morning,  i got the above info from a friend)
Should I do not use this email anymore and create another one? (If yes, I would be very sad) or any way to protect it (so it would not happen again next time?)

Question by:tjie
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 38

Accepted Solution

BillDL earned 500 total points
ID: 39926060
Firstly, and this is information directed at anybody reading this question, DO NOT click on the link given in the question above.  It is a PHP page that tells the browser to do what is called a "Meta Refresh" and reload an entirely different page, namely a fraudulent, phishing, or generally malicious content.  Most modern browsers are automatically configured to block reported phishing and fraudulent sites, but you can never be too sure that they will.  In my case Firefox blocks the "redirect" with this notification:
.  and the explanation is given here:
The blocking is handled differently for other browsers.

I can't be sure what the page you would be redirected to is designed to do, but it in turn loads yet another script, and you would probably get what is called a "drive by infection".

There is a commonly used expression:
"There is no sense in closing the barn door after the horse has bolted"

An unknown number of Yahoo accounts were hacked at the end of January this year:

Supposedly Yahoo identified which accounts had been hacked, they changed the passwords, and then informed users of this and told them to reset their passwords.  In other words, data had  already obtained by the imposters (the horse had bolted), and creating a new strong password (closing the barn door) would only help to stop some other breach of security.

The emails that people in your contacts list are getting are undoubtedly being sent from somewhere else and are pretending to be from you.  It is highly improbable that someone, or some malicious software, is repeatedly accessing and using your account to send these emails.  If this is the case, then there really isn't anything you can do other than changing your password in yahoo and in other linked accounts to try and prevent further data theft from those other accounts.

What I would do first of all is to send separate emails to all of your contacts using another email account and inform them that it is not you who is sending the yahoo emails to them.  Tell them not to open any emails that appear to have come from you,  certainly not to click on any links in them if the emails show as previews, and never to reply to them.

Do you download your Yahoo email to an installed program like Microsoft Office Outlook, Mozilla Thunderbird, etc?

If so, then it is possible that you have actually had a virus on your computer that copied all of your contact details.  The virus may still be on your computer in this case, so you really need to update your AntiVirus software and run a very full scan.  It is also sensible to install another AntiVirus software and do a scan in case the other program missed something.  One of the most popular good malware scanners is the free version of MalwareBytes which you can download here:

If you only read your yahoo mail as webmail in your browser, then it is always a good idea to scan your system for malware, but there probably isn't any direct link between what is happening and your computer.  If you have any confidential emails or data in any other account that uses your Yahoo email address as a login, then change the passwords for those other accounts and all places that the confidential information refers to, such as banking, other email accounts, and so on.

Assuming that this is just spam with malicious links to encourage recipients to click on them, then spam often eventually stops.
LVL 38

Expert Comment

ID: 39932291
Thank you tjie

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IT Desktop Support 11 108
Who uses Yahoo mail and settings for themes? 2 36
Exhange 2010 10 60
No MailChimp 'Content' heading in design mode 2 28
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Read this checklist to learn more about the 15 things you should never include in an email signature.
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…
Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question