[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Email: possibly get hacked?

Posted on 2014-03-12
2
Medium Priority
?
532 Views
Last Modified: 2014-03-16
Hi,

I have a yahoo email. It is possibly get hacked? (This is the 2nd time)

A friend sent me the notice or reply like this:
- A lot of my address book are being seen in the email
- And there is a link to the web site like this -->
101webtv.com/tpd/fox-news.php  ***** Note that this is a scam site, enter it at your own risk,  MIT********

My questions:
What should I do?
I did change the password last week (After I changed the password, it seemed solving the problem; but just this morning,  i got the above info from a friend)
Should I do not use this email anymore and create another one? (If yes, I would be very sad) or any way to protect it (so it would not happen again next time?)

Thanks,
tjie
0
Comment
Question by:tjie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 38

Accepted Solution

by:
BillDL earned 2000 total points
ID: 39926060
Firstly, and this is information directed at anybody reading this question, DO NOT click on the link given in the question above.  It is a PHP page that tells the browser to do what is called a "Meta Refresh" and reload an entirely different page, namely a fraudulent, phishing, or generally malicious content.  Most modern browsers are automatically configured to block reported phishing and fraudulent sites, but you can never be too sure that they will.  In my case Firefox blocks the "redirect" with this notification:
.  and the explanation is given here:
https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
The blocking is handled differently for other browsers.

I can't be sure what the page you would be redirected to is designed to do, but it in turn loads yet another script, and you would probably get what is called a "drive by infection".

There is a commonly used expression:
"There is no sense in closing the barn door after the horse has bolted"

An unknown number of Yahoo accounts were hacked at the end of January this year:
http://www.engadget.com/2014/01/30/yahoo-mail-breach/
http://yahoo.tumblr.com/post/75083532312/important-security-update-for-yahoo-mail-user

Supposedly Yahoo identified which accounts had been hacked, they changed the passwords, and then informed users of this and told them to reset their passwords.  In other words, data had  already obtained by the imposters (the horse had bolted), and creating a new strong password (closing the barn door) would only help to stop some other breach of security.

The emails that people in your contacts list are getting are undoubtedly being sent from somewhere else and are pretending to be from you.  It is highly improbable that someone, or some malicious software, is repeatedly accessing and using your account to send these emails.  If this is the case, then there really isn't anything you can do other than changing your password in yahoo and in other linked accounts to try and prevent further data theft from those other accounts.

What I would do first of all is to send separate emails to all of your contacts using another email account and inform them that it is not you who is sending the yahoo emails to them.  Tell them not to open any emails that appear to have come from you,  certainly not to click on any links in them if the emails show as previews, and never to reply to them.

Do you download your Yahoo email to an installed program like Microsoft Office Outlook, Mozilla Thunderbird, etc?

If so, then it is possible that you have actually had a virus on your computer that copied all of your contact details.  The virus may still be on your computer in this case, so you really need to update your AntiVirus software and run a very full scan.  It is also sensible to install another AntiVirus software and do a scan in case the other program missed something.  One of the most popular good malware scanners is the free version of MalwareBytes which you can download here:
https://www.malwarebytes.org/free/

If you only read your yahoo mail as webmail in your browser, then it is always a good idea to scan your system for malware, but there probably isn't any direct link between what is happening and your computer.  If you have any confidential emails or data in any other account that uses your Yahoo email address as a login, then change the passwords for those other accounts and all places that the confidential information refers to, such as banking, other email accounts, and so on.

Assuming that this is just spam with malicious links to encourage recipients to click on them, then spam often eventually stops.
0
 
LVL 38

Expert Comment

by:BillDL
ID: 39932291
Thank you tjie
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PHP contact form that lets the user to contact the company through email contact form. A button is fixed at the bottom of site, on clicking a new window will open where a user can send the email.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question