Loading ...
Sorry, an error occurred while loading the content.

3840File - Monthly reminder about spam infections.

Expand Messages
  • Crosley@yahoogroups.com
    Feb 1, 2014
      The reason we're seeing spam from members' accounts has to do with spammers in Eastern Europe sending out these links to what seems to be job-hunting tips. One click and you're hit with hidden JavaScript that connects to a flawed Yahoo WordPress page created especially for developers that lets malicious script check the browser to see whether he or she is currently logged into a Yahoo account. If so, the malicious script steals the Yahoo session "cookies" from the browser and sends them to the spammers who use the account to pump out spam, including emails to get the passwords of even more Yahoo Mail users, starting the entire cycle again. Yahoo says it fixed the flaw in January 2013. The spammers don't appear to be changing user passwords. If your account is hijacked, change your password immediately and then log off. Watch out for shortened URLs, webpages that mimic common sites, hidden webpage codes that trigger drive-by downloads, and WordPress software where WordPress users don't bother to apply updates. Always log out of Yahoo Mail (and any other online account) when you're done using it. That renders the session cookies useless.
    • Show all 37 messages in this topic