Email: possibly get hacked?

Posted on 2014-03-12
Last Modified: 2014-03-16

I have a yahoo email. It is possibly get hacked? (This is the 2nd time)

A friend sent me the notice or reply like this:
- A lot of my address book are being seen in the email
- And there is a link to the web site like this -->  ***** Note that this is a scam site, enter it at your own risk,  MIT********

My questions:
What should I do?
I did change the password last week (After I changed the password, it seemed solving the problem; but just this morning,  i got the above info from a friend)
Should I do not use this email anymore and create another one? (If yes, I would be very sad) or any way to protect it (so it would not happen again next time?)

Question by:tjie
  • 2
LVL 38

Accepted Solution

BillDL earned 500 total points
ID: 39926060
Firstly, and this is information directed at anybody reading this question, DO NOT click on the link given in the question above.  It is a PHP page that tells the browser to do what is called a "Meta Refresh" and reload an entirely different page, namely a fraudulent, phishing, or generally malicious content.  Most modern browsers are automatically configured to block reported phishing and fraudulent sites, but you can never be too sure that they will.  In my case Firefox blocks the "redirect" with this notification:
.  and the explanation is given here:
The blocking is handled differently for other browsers.

I can't be sure what the page you would be redirected to is designed to do, but it in turn loads yet another script, and you would probably get what is called a "drive by infection".

There is a commonly used expression:
"There is no sense in closing the barn door after the horse has bolted"

An unknown number of Yahoo accounts were hacked at the end of January this year:

Supposedly Yahoo identified which accounts had been hacked, they changed the passwords, and then informed users of this and told them to reset their passwords.  In other words, data had  already obtained by the imposters (the horse had bolted), and creating a new strong password (closing the barn door) would only help to stop some other breach of security.

The emails that people in your contacts list are getting are undoubtedly being sent from somewhere else and are pretending to be from you.  It is highly improbable that someone, or some malicious software, is repeatedly accessing and using your account to send these emails.  If this is the case, then there really isn't anything you can do other than changing your password in yahoo and in other linked accounts to try and prevent further data theft from those other accounts.

What I would do first of all is to send separate emails to all of your contacts using another email account and inform them that it is not you who is sending the yahoo emails to them.  Tell them not to open any emails that appear to have come from you,  certainly not to click on any links in them if the emails show as previews, and never to reply to them.

Do you download your Yahoo email to an installed program like Microsoft Office Outlook, Mozilla Thunderbird, etc?

If so, then it is possible that you have actually had a virus on your computer that copied all of your contact details.  The virus may still be on your computer in this case, so you really need to update your AntiVirus software and run a very full scan.  It is also sensible to install another AntiVirus software and do a scan in case the other program missed something.  One of the most popular good malware scanners is the free version of MalwareBytes which you can download here:

If you only read your yahoo mail as webmail in your browser, then it is always a good idea to scan your system for malware, but there probably isn't any direct link between what is happening and your computer.  If you have any confidential emails or data in any other account that uses your Yahoo email address as a login, then change the passwords for those other accounts and all places that the confidential information refers to, such as banking, other email accounts, and so on.

Assuming that this is just spam with malicious links to encourage recipients to click on them, then spam often eventually stops.
LVL 38

Expert Comment

ID: 39932291
Thank you tjie

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Free Email Signature. 3 72
Outlook:  SSMB 2 54
How do I determine the virus in this email? 5 97
Wierd issue with missing "FROM" field in Outlook. 7 95
Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now