marrowyung
asked on
yahoo email login from unregonised device
hi,
I keep receiving email on saying my yahoo email has been login using unrecognised device, anyway to check the hostname of that device?
I keep receiving email on saying my yahoo email has been login using unrecognised device, anyway to check the hostname of that device?
Yahoo email, so far as I know, does not check or care what kind of device is logging in. If there is a link in those emails, check it and I suspect you'll find that you're being phished.
ASKER
" If there is a link in those emails,"
what links ?
what links ?
From yahoo - "You'll also get a security notification for any unusual account activity - for instance; if you or someone else tries to sign in to the account from a new location, computer, mobile device, or ISP." https://help.yahoo.com/kb/SLN7125.html
You cannot check the hostname device that is attempting to login - other webmail may have but not yahoo that I know of have reveal this - at most identify the country, access type (browser etc) and IP. You can try to See your account's "Recent activity" https://help.yahoo.com/kb/account/recent-activity-page-sln2073.html
You cannot check the hostname device that is attempting to login - other webmail may have but not yahoo that I know of have reveal this - at most identify the country, access type (browser etc) and IP. You can try to See your account's "Recent activity" https://help.yahoo.com/kb/account/recent-activity-page-sln2073.html
>> I keep receiving email on saying my yahoo email has been login using unrecognised device, anyway to check the hostname of that device?
Change your password and any other security questions you may have for that Yahoo account.
Possibly the account was one of those that was hacked back in 2014 and is now being exploited by some hacker. https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers Yahoo has only just revealed these details.
Change your password and any other security questions you may have for that Yahoo account.
Possibly the account was one of those that was hacked back in 2014 and is now being exploited by some hacker. https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers Yahoo has only just revealed these details.
ASKER
btan,
" "You'll also get a security notification for any unusual account activity - for instance; if you or someone else tries to sign in to the account from a new location, computer, mobile device, or ISP." https://help.yahoo.com/kb/SLN7125.html"
I don't receive any, an email just said sign in from an unknown device, any idea on how can I know what IP address it is ?
dbrunton,
"Change your password and any other security questions you may have for that Yahoo account."
I knew, already get it done.
dbrunton,
"Possibly the account was one of those that was hacked back in 2014 and is now being exploited by some hacker. https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers Yahoo has only just revealed these details."
can't see the device name anyway ?
" "You'll also get a security notification for any unusual account activity - for instance; if you or someone else tries to sign in to the account from a new location, computer, mobile device, or ISP." https://help.yahoo.com/kb/SLN7125.html"
I don't receive any, an email just said sign in from an unknown device, any idea on how can I know what IP address it is ?
dbrunton,
"Change your password and any other security questions you may have for that Yahoo account."
I knew, already get it done.
dbrunton,
"Possibly the account was one of those that was hacked back in 2014 and is now being exploited by some hacker. https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers Yahoo has only just revealed these details."
can't see the device name anyway ?
If the mail is still at Yahoo (check your Trash) follow the instructions here https://help.yahoo.com/kb/SLN22026.html to see the emails header. You can then determine where it is really from.
Here's a sample from Experts Exchange to me. Look at the Received-SPF, X-Originating and the Received and the From field to help identify where it comes from.
Here's a sample from Experts Exchange to me. Look at the Received-SPF, X-Originating and the Received and the From field to help identify where it comes from.
Received-SPF: pass (domain of experts-exchange.com designates 54.173.171.194 as permitted sender)
X-Originating-IP: [54.173.171.194]
Authentication-Results: mta1018.tnz.mail.aue.yahoo.com from=experts-exchange.com; domainkeys=neutral (no sig); from=experts-exchange.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO cron.prod.aws.redsrci.com) (54.173.171.194)
by mta1018.tnz.mail.aue.yahoo.com with SMTPS; Wed, 28 Sep 2016 06:33:10 +0000
Received: from cron.prod.aws.redsrci.com (localhost [127.0.0.1])
by cron.prod.aws.redsrci.com (8.14.4/8.14.4) with ESMTP id u8S6X6VQ018169
for <abcdefghiji@xyza.cd.mm>; Tue, 27 Sep 2016 23:33:06 -0700
Date: Tue, 27 Sep 2016 23:33:06 -0700 (PDT)
From: Experts Exchange <noreply@experts-exchange.com>SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
"From the "Recent Activity" you should be able to see the IP. See
http://aruljohn.com/info/yahoo-mail-login-activity/"
yes i saw that, but by using that Ip address, I can't find exactly where is this guy and what is the hostname, hostname very important.
what if it is one of our PC
?
"Also you can checked on below on your email account to see if there is indicator of your account being leaked.
https://haveibeenpwned.com"
how can it make sure that?
http://aruljohn.com/info/yahoo-mail-login-activity/"
yes i saw that, but by using that Ip address, I can't find exactly where is this guy and what is the hostname, hostname very important.
what if it is one of our PC
?
"Also you can checked on below on your email account to see if there is indicator of your account being leaked.
https://haveibeenpwned.com"
how can it make sure that?
Read about Have I Been Pwned here https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F
ASKER
the only thing left is Yahoo can't show me the hostname of the Device which tried to login to my yahoo account, and accurate location. right?
There is best effort with ip address which cannot attribute to specific details. It may also be the IP is not the actual machine.. Even the service to check is by security researcher own effort to share dump of leaked email accounts. It is just best efforts.
ASKER
"There is best effort with ip address which cannot attribute to specific details. It may also be the IP is not the actual machine.."
but having that extra information is the best ! I can guess who use this PC as that kind of people might use sth close to thier name.
IP, who know who use that IP.
but having that extra information is the best ! I can guess who use this PC as that kind of people might use sth close to thier name.
IP, who know who use that IP.
ASKER
not much can be found out sir'
ASKER
tks all.