Loading ...
Sorry, an error occurred while loading the content.

Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites

Expand Messages
  • Bill Todd
    its simple don t click on the link just delete the email ... -- bill i own the following groups mrsp non adult shares ask for invite rapidsharevideo ask
    Message 1 of 17 , Mar 6, 2013
    • 0 Attachment
      its simple
      don't click on the link just delete the email

      On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
       

      There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

      This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

      http://www.iitp.org.nz/newsletter/article/414?utm_source=index

      Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

      The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




      --
      bill

      i own the following groups
      mrsp    non adult shares  ask for invite

      rapidsharevideo   ask for invite
    • adeomus ********
      why are people still clicking on links ?! it s been shown to be the single most hazardous thing to do. ..But magic has a habit of lying low, like a rake in the
      Message 2 of 17 , Mar 6, 2013
      • 0 Attachment

        why are people still clicking on links ?!
        it's been shown to be the single most hazardous thing to do.

        ..But magic has a habit of lying low, 
        like a rake in the grass.

        ~Terry Pratchett
        ~














        --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

        From: Bill Todd <bt542000@...>
        Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
        To: Y-Mail@yahoogroups.com
        Received: Wednesday, March 6, 2013, 2:23 PM



        its simple
        don't click on the link just delete the email

        On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
         

        There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

        This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

        http://www.iitp.org.nz/newsletter/article/414?utm_source=index

        Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

        The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




        --
        bill

        i own the following groups
        mrsp    non adult shares  ask for invite

        rapidsharevideo   ask for invite

      • Donna Lee
        Why is only affecting Yahoo email accounts too? Most of the accounts that have been hacked are those with a Yahoo email!   Donna Ford Lee Tulsa, OK
        Message 3 of 17 , Mar 6, 2013
        • 0 Attachment
          Why is only affecting Yahoo email accounts too?
          Most of the accounts that have been hacked are those with a Yahoo email!

           
          Donna Ford Lee
          Tulsa, OK


          From: adeomus ******** <carpediemadeomus@...>
          To: Y-Mail@yahoogroups.com
          Sent: Wednesday, March 6, 2013 7:21 PM
          Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites




          why are people still clicking on links ?!
          it's been shown to be the single most hazardous thing to do.

          ..But magic has a habit of lying low, 
          like a rake in the grass.

          ~Terry Pratchett
          ~







          --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

          From: Bill Todd <bt542000@...>
          Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
          To: Y-Mail@yahoogroups.com
          Received: Wednesday, March 6, 2013, 2:23 PM



          its simple
          don't click on the link just delete the email

          On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
           
          There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

          This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

          http://www.iitp.org.nz/newsletter/article/414?utm_source=index

          Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

          The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




          --
          bill

          i own the following groups
          mrsp    non adult shares  ask for invite

          rapidsharevideo   ask for invite





        • Shal Farley
          Lena, ... Or perhaps one of those plug-ins. I ve evicted Java from my computers -- too many zero-day exploits in a row, and I don t know why I had it. That is,
          Message 4 of 17 , Mar 6, 2013
          • 0 Attachment
            Lena,

            > The weaknesses are not in yahoo, but in Windows, browsers and their plugins
            > (Java, Acrobat, Flash), ...
            > If you use Windows then you are vulnerable, yahoo cannot fix your Windows.

            Or perhaps one of those plug-ins.

            I've evicted Java from my computers -- too many zero-day exploits in a row, and I don't know why I had it. That is, nothing I use daily has stopped working; no doubt I'll get a reminder eventually.
            <http://krebsonsecurity.com/2013/03/oracle-issues-emergency-java-update/>

            Acrobat, as a browser plug-in, has been eliminated for me by Firefox 19, but I still use it stand-alone with files I've created. Flash is a little more problematic as many sites I do use daily use Flash.

            > Another proof: I use Unix instead of Windows on my (usual) computer at
            > home, so I could safely experiment. I don't Sign Out of yahoo. An XSS
            > exploit should work with any browser under any operating system, however
            > I clicked links in several such spams but addresses in my webmail
            > address book and Sent folder weren't spammed.

            If the plug-ins are involved there may be more variables than just the OS. The victims may have had an outdated plug-in whereas you no doubt keep yours up-to-date, or possible don't use them.

            After all, we don't know what percentage of the people who received and clicked on such links were subsequently exploited. All we know is that it was apparently enough to propagate the problem to others. I'd actually expect that people prone to click on rogue links are also people prone to ignore updates, but that's just a stereotype in my mind.

            -- Shal
          • Sasafrass452
            But of course, not all links lead to a virus. Unless it s from someone you know, there s no reason NOT to click on it unless that person is unknowingly
            Message 5 of 17 , Mar 7, 2013
            • 0 Attachment
              But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
              
              **Sasafrass452**
              http://www.friendburst.com/Sasafrass452
              http://thexfactorusa.proboards.com
              http://angiemillerfans.proboards.com
              On 03/06/2013 08:21 PM, adeomus ******** wrote:
               


              why are people still clicking on links ?!
              it's been shown to be the single most hazardous thing to do.

              ..But magic has a habit of lying low, 
              like a rake in the grass.
              
              ~Terry Pratchett~
              


              
              
              
              









              --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

              From: Bill Todd <bt542000@...>
              Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
              To: Y-Mail@yahoogroups.com
              Received: Wednesday, March 6, 2013, 2:23 PM



              its simple
              don't click on the link just delete the email

              On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
               

              There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

              This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

              http://www.iitp.org.nz/newsletter/article/414?utm_source=index

              Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

              The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




              --
              bill

              i own the following groups
              mrsp    non adult shares  ask for invite

              rapidsharevideo   ask for invite


            • Sasafrass452
              Let me rephrase that.... IF it s from someone you know, there s no reasonnot to click on it.... **Sasafrass452** http://www.friendburst.com/Sasafrass452
              Message 6 of 17 , Mar 7, 2013
              • 0 Attachment
                Let me rephrase that.... IF it's from someone you know, there's no reason not to click on it....
                
                **Sasafrass452**
                http://www.friendburst.com/Sasafrass452
                http://thexfactorusa.proboards.com
                http://angiemillerfans.proboards.com
                On 03/07/2013 09:02 AM, Sasafrass452 wrote:
                 

                But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
                **Sasafrass452**
                http://www.friendburst.com/Sasafrass452
                http://thexfactorusa.proboards.com
                http://angiemillerfans.proboards.com
                On 03/06/2013 08:21 PM, adeomus ******** wrote:
                 


                why are people still clicking on links ?!
                it's been shown to be the single most hazardous thing to do.

                ..But magic has a habit of lying low, 
                like a rake in the grass.
                
                ~Terry Pratchett~
                


                
                
                
                









                --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

                From: Bill Todd <bt542000@...>
                Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                To: Y-Mail@yahoogroups.com
                Received: Wednesday, March 6, 2013, 2:23 PM



                its simple
                don't click on the link just delete the email

                On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
                 

                There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

                This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

                http://www.iitp.org.nz/newsletter/article/414?utm_source=index

                Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

                The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




                --
                bill

                i own the following groups
                mrsp    non adult shares  ask for invite

                rapidsharevideo   ask for invite



            • CB
              I can verify I DID NOT CLICK ON ANYTHING (or link) I went online and all the emails and folders were gone!!!!!! From: Sasafrass452 Sent: Thursday, March 07,
              Message 7 of 17 , Mar 7, 2013
              • 0 Attachment
                I can verify I DID NOT CLICK ON ANYTHING (or link)  I went online and all the emails and folders were gone!!!!!!

                Sent: Thursday, March 07, 2013 9:34 AM
                Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites

                 

                Let me rephrase that.... IF it's from someone you know, there's no reason not to click on it....
                **Sasafrass452**
                http://www.friendburst.com/Sasafrass452
                http://thexfactorusa.proboards.com
                http://angiemillerfans.proboards.com
                On 03/07/2013 09:02 AM, Sasafrass452 wrote:
                 

                But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
                **Sasafrass452**
                http://www.friendburst.com/Sasafrass452
                http://thexfactorusa.proboards.com
                http://angiemillerfans.proboards.com
                On 03/06/2013 08:21 PM, adeomus ******** wrote:
                 


                why are people still clicking on links ?!
                it's been shown to be the single most hazardous thing to do.

                ..But magic has a habit of lying low, 
                like a rake in the grass.
                
                ~Terry Pratchett~
                


                
                
                
                

                
                









                --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

                From: Bill Todd <bt542000@...>
                Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                To: Y-Mail@yahoogroups.com
                Received: Wednesday, March 6, 2013, 2:23 PM



                its simple
                don't click on the link just delete the email

                On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
                 

                There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

                This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

                http://www.iitp.org.nz/newsletter/article/414?utm_source=index

                Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

                The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




                --
                bill

                i own the following groups
                mrsp    non adult shares  ask for invite

                rapidsharevideo   ask for invite



              • adeomus ********
                and what about the spoofing i ve been hearing about, for example ? even visible ones can be overlooked, for example: someone sent a link to our groups with
                Message 8 of 17 , Mar 7, 2013
                • 0 Attachment

                  and what about the spoofing i've been hearing about, for example ?

                  even visible ones can be overlooked, for example:
                  someone sent a link to our groups with something like you-tube........
                  people were clicking on it before i noticed it !

                   a good friend that i trust sent me an email awhile back that gave me a huge wakeup call.
                  i clicked on it and my computer screen was immediately taken over by malware that was rapidly destroying everything in front of my eyes !!!
                  i did a hard shut down, prevented a total catastrophe, and dealt with my palpitations afterward.

                  even friends might not know they are not sending a " real" link.

                  yes, most links are ok, but better take a second more to be safe, than ever sorry.

                  ..But magic has a habit of lying low, 
                  like a rake in the grass.

                  ~Terry Pratchett
                  ~














                  --- On Thu, 3/7/13, Sasafrass452 <Sasafrass452@...> wrote:

                  From: Sasafrass452 <Sasafrass452@...>
                  Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                  To: Y-Mail@yahoogroups.com
                  Received: Thursday, March 7, 2013, 9:02 AM



                  But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
                  **Sasafrass452**
                  http://www.friendburst.com/Sasafrass452
                  http://thexfactorusa.proboards.com
                  http://angiemillerfans.proboards.com
                  On 03/06/2013 08:21 PM, adeomus ******** wrote:
                   


                  why are people still clicking on links ?!
                  it's been shown to be the single most hazardous thing to do.

                  ..But magic has a habit of lying low, 
                  like a rake in the grass.
                  
                  ~Terry Pratchett~
                  


                  
                  
                  
                  









                  --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

                  From: Bill Todd <bt542000@...>
                  Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                  To: Y-Mail@yahoogroups.com
                  Received: Wednesday, March 6, 2013, 2:23 PM



                  its simple
                  don't click on the link just delete the email

                  On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
                   

                  There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

                  This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

                  http://www.iitp.org.nz/newsletter/article/414?utm_source=index

                  Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

                  The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




                  --
                  bill

                  i own the following groups
                  mrsp    non adult shares  ask for invite

                  rapidsharevideo   ask for invite




                • Sasafrass452
                  If you have a good eye, you ll see the dash & know it s not really a youtube link. So yes, taking 2 or 3 seconds to inspect the url is always wise.
                  Message 9 of 17 , Mar 7, 2013
                  • 0 Attachment
                    If you have a good eye, you'll see the dash & know it's not really a youtube link. So yes, taking 2 or 3 seconds to inspect the url is always wise. Unfortunately, you didn't heed that advice & nearly lost everything, but I'm sure you're much more cautious now, as a result.... Just remember, if a malicious link comes from a friend or relative, that's when you become the hero by calling & alerting them that their computer is infected ;) It's happened to my aunt a few times, & she needed help to clean up her system.... The problem is that many people aren't educated enough to keep their computers clean, or they're just plain gullible & download or click on anything that pops up on their screen.
                    
                    **Sasafrass452**
                    http://www.friendburst.com/Sasafrass452
                    http://thexfactorusa.proboards.com
                    http://angiemillerfans.proboards.com
                    On 03/07/2013 04:34 PM, adeomus ******** wrote:
                     


                    and what about the spoofing i've been hearing about, for example ?

                    even visible ones can be overlooked, for example:
                    someone sent a link to our groups with something like you-tube........
                    people were clicking on it before i noticed it !

                     a good friend that i trust sent me an email awhile back that gave me a huge wakeup call.
                    i clicked on it and my computer screen was immediately taken over by malware that was rapidly destroying everything in front of my eyes !!!
                    i did a hard shut down, prevented a total catastrophe, and dealt with my palpitations afterward.

                    even friends might not know they are not sending a " real" link.

                    yes, most links are ok, but better take a second more to be safe, than ever sorry.

                    ..But magic has a habit of lying low, 
                    like a rake in the grass.
                    
                    ~Terry Pratchett~
                    


                    
                    
                    
                    









                    --- On Thu, 3/7/13, Sasafrass452 <Sasafrass452@...> wrote:

                    From: Sasafrass452 <Sasafrass452@...>
                    Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                    To: Y-Mail@yahoogroups.com
                    Received: Thursday, March 7, 2013, 9:02 AM



                    But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
                    **Sasafrass452**
                    http://www.friendburst.com/Sasafrass452
                    http://thexfactorusa.proboards.com
                    http://angiemillerfans.proboards.com
                    On 03/06/2013 08:21 PM, adeomus ******** wrote:
                     


                    why are people still clicking on links ?!
                    it's been shown to be the single most hazardous thing to do.

                    ..But magic has a habit of lying low, 
                    like a rake in the grass.
                    
                    ~Terry Pratchett~
                    


                    
                    
                    
                    









                    --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

                    From: Bill Todd <bt542000@...>
                    Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                    To: Y-Mail@yahoogroups.com
                    Received: Wednesday, March 6, 2013, 2:23 PM



                    its simple
                    don't click on the link just delete the email

                    On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
                     

                    There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

                    This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

                    http://www.iitp.org.nz/newsletter/article/414?utm_source=index

                    Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

                    The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




                    --
                    bill

                    i own the following groups
                    mrsp    non adult shares  ask for invite

                    rapidsharevideo   ask for invite





                  • Shal Farley
                    CB, If you mean the incident where many people found their accounts suddenly needed to be re-activated, and after doing that their emails were gone, then I
                    Message 10 of 17 , Mar 7, 2013
                    • 0 Attachment
                      CB,

                      If you mean the incident where many people found their accounts suddenly
                      needed to be re-activated, and after doing that their emails were gone,
                      then I think that was a Yahoo Glitch, and not a consequence of the
                      emails with rogue links.

                      Or, at least not related in any direct way.

                      -- Shal


                      On 3/7/2013 10:31 AM, CB wrote:
                      >
                      > I can verify I DID NOT CLICK ON ANYTHING (or link) I went online and all
                      > the emails and folders were gone!!!!!!
                    • adeomus ********
                      the you-tube thing i caught, but the email thing looked completely legit. ( it was a popular ecard site used by many of us at the time). there was no way to
                      Message 11 of 17 , Mar 7, 2013
                      • 0 Attachment

                        the you-tube thing i caught, but the email thing looked completely legit.
                        ( it was a popular ecard site used by many of us at the time).

                        there was no way to know the ecard thing was not right.

                        ..But magic has a habit of lying low, 
                        like a rake in the grass.

                        ~Terry Pratchett
                        ~














                        --- On Thu, 3/7/13, Sasafrass452 <Sasafrass452@...> wrote:

                        From: Sasafrass452 <Sasafrass452@...>
                        Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                        To: Y-Mail@yahoogroups.com
                        Received: Thursday, March 7, 2013, 5:18 PM



                        If you have a good eye, you'll see the dash & know it's not really a youtube link. So yes, taking 2 or 3 seconds to inspect the url is always wise. Unfortunately, you didn't heed that advice & nearly lost everything, but I'm sure you're much more cautious now, as a result.... Just remember, if a malicious link comes from a friend or relative, that's when you become the hero by calling & alerting them that their computer is infected ;) It's happened to my aunt a few times, & she needed help to clean up her system.... The problem is that many people aren't educated enough to keep their computers clean, or they're just plain gullible & download or click on anything that pops up on their screen.
                        **Sasafrass452**
                        http://www.friendburst.com/Sasafrass452
                        http://thexfactorusa.proboards.com
                        http://angiemillerfans.proboards.com
                        On 03/07/2013 04:34 PM, adeomus ******** wrote:
                         


                        and what about the spoofing i've been hearing about, for example ?

                        even visible ones can be overlooked, for example:
                        someone sent a link to our groups with something like you-tube........
                        people were clicking on it before i noticed it !

                         a good friend that i trust sent me an email awhile back that gave me a huge wakeup call.
                        i clicked on it and my computer screen was immediately taken over by malware that was rapidly destroying everything in front of my eyes !!!
                        i did a hard shut down, prevented a total catastrophe, and dealt with my palpitations afterward.

                        even friends might not know they are not sending a " real" link.

                        yes, most links are ok, but better take a second more to be safe, than ever sorry.

                        ..But magic has a habit of lying low, 
                        like a rake in the grass.
                        
                        ~Terry Pratchett~
                        


                        
                        
                        
                        









                        --- On Thu, 3/7/13, Sasafrass452 <Sasafrass452@...> wrote:

                        From: Sasafrass452 <Sasafrass452@...>
                        Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                        To: Y-Mail@yahoogroups.com
                        Received: Thursday, March 7, 2013, 9:02 AM



                        But of course, not all links lead to a virus. Unless it's from someone you know, there's no reason NOT to click on it unless that person is unknowingly infected & their email is sending spam. In these cases, it's pretty easy to tell when a link is not something a friend or relative would send you. All it takes is 2 seconds to look at the url before you click on it.
                        **Sasafrass452**
                        http://www.friendburst.com/Sasafrass452
                        http://thexfactorusa.proboards.com
                        http://angiemillerfans.proboards.com
                        On 03/06/2013 08:21 PM, adeomus ******** wrote:
                         


                        why are people still clicking on links ?!
                        it's been shown to be the single most hazardous thing to do.

                        ..But magic has a habit of lying low, 
                        like a rake in the grass.
                        
                        ~Terry Pratchett~
                        


                        
                        
                        
                        









                        --- On Wed, 3/6/13, Bill Todd <bt542000@...> wrote:

                        From: Bill Todd <bt542000@...>
                        Subject: Re: [Y-Mail] Yahoo Mail Hack Sending Emails With Single Link To Rogue Websites
                        To: Y-Mail@yahoogroups.com
                        Received: Wednesday, March 6, 2013, 2:23 PM



                        its simple
                        don't click on the link just delete the email

                        On 6 March 2013 16:21, Chris B <chrisjbrady@...> wrote:
                         

                        There's this trojan virus going round that is exploiting weaknesses in Yahoo's security. Basically you receive an email with a single URL to click on. This then sends you to a rogue website which downloads a piece of XLS or Javascript onto your computer. This in turn steals your Yahoo login cookies and sends them on to hackers. It also generates similar emails and sends them to everyone in your contacts address book.

                        This is all detailed in posts to Yahoo Group [Y-Mail] and also at this excellent website:

                        http://www.iitp.org.nz/newsletter/article/414?utm_source=index

                        Although this article is about issues with yahoo mail in New Zealand, the hack described seems to be the same that everyone else is reporting.

                        The question is how to remove this piece of XLS or Javascript? And also how to avoid getting the damn thing in the first place. Many thanks.




                        --
                        bill

                        i own the following groups
                        mrsp    non adult shares  ask for invite

                        rapidsharevideo   ask for invite







                      • lena_kiev
                        ... Only or most? Big difference.
                        Message 12 of 17 , Mar 7, 2013
                        • 0 Attachment
                          > From: Donna Lee <donna74128@...>
                          >
                          > Why is only affecting Yahoo email accounts too?
                          > Most of the accounts that have been hacked are those with a Yahoo email!

                          Only or most? Big difference.
                        • Shal Farley
                          Sasafrass, ... It gets much worse than inserting a hyphen, or otherwise misspelling a popular site. With the move toward allowing Unicode characters in domain
                          Message 13 of 17 , Mar 7, 2013
                          • 0 Attachment
                            Sasafrass,

                            > If you have a good eye, you'll see the dash & know it's not really a
                            > youtube link. So yes, taking 2 or 3 seconds to inspect the url is always
                            > wise.

                            It gets much worse than inserting a hyphen, or otherwise misspelling a popular site. With the move toward allowing Unicode characters in domain names we could see malicious sites named with characters that look like ASCII (Roman) letters, but aren't.

                            "IDN homograph attack"
                            <http://en.wikipedia.org/wiki/IDN_homograph_attack>

                            -- Shal
                            "Never give a sucker an even break" has never been truer.
                          • lena_kiev
                            ... 3D molecule viewer I sometimes use is Java-based. I use QuickJava add-on for Firefox and keep Java normally turned off. I also use FlashBlock add-on. ...
                            Message 14 of 17 , Mar 7, 2013
                            • 0 Attachment
                              > From: Shal Farley <shal@...>

                              > > The weaknesses are not in yahoo, but in Windows, browsers and their plugins
                              > > (Java, Acrobat, Flash), ...
                              > > If you use Windows then you are vulnerable, yahoo cannot fix your Windows.
                              >
                              > Or perhaps one of those plug-ins.
                              >
                              > I've evicted Java from my computers -- too many zero-day exploits in
                              > a row, and I don't know why I had it. That is, nothing I use daily
                              > has stopped working; no doubt I'll get a reminder eventually.

                              3D molecule viewer I sometimes use is Java-based.
                              I use QuickJava add-on for Firefox and keep Java normally turned off.
                              I also use FlashBlock add-on.

                              > > I use Unix instead of Windows on my (usual) computer at
                              > > home, so I could safely experiment.

                              > If the plug-ins are involved there may be more variables than just
                              > the OS. The victims may have had an outdated plug-in whereas you no
                              > doubt keep yours up-to-date, or possible don't use them.

                              Currently for FreeBSD only Flash 11.2r202.273 is available.
                              However, exploits can work under Windows only: code written for Windows
                              can work under another operating system only under an emulator
                              such as Wine, but Firefox works not under Wine.

                              > we don't know what percentage of the people who received
                              > and clicked on such links were subsequently exploited.

                              The numbers (about 10-15% IIRC) are in a couple articles among these:
                              http://blog.webroot.com/2011/10/31/outdated-operating-system-this-blackhole-exploit-kit-has-you-in-its-sights/
                              http://blog.webroot.com/2012/07/06/117000-unique-u-s-visitors-offered-for-malware-conversion/
                              http://blog.webroot.com/2012/10/31/nuclear-exploit-pack-goes-2-0/
                              http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_blackhole-exploit-kit.pdf
                              http://blog.trendmicro.com/trendlabs-security-intelligence/a-refresher-on-spam-and-exploits/
                              http://blog.trendmicro.com/trendlabs-security-intelligence/the-state-of-blackhole-spam/

                              > All we know
                              > is that it was apparently enough to propagate the problem to others.
                              > I'd actually expect that people prone to click on rogue links are
                              > also people prone to ignore updates, but that's just a stereotype in
                              > my mind.

                              I agree. But under Windows timely updates are not enough because of
                              zero-day exploits (of plugins, browsers and Windows)
                              and because the felons steal FTP passwords and contaminate
                              legitimate websites too.
                            • Donna Lee
                              Only Yahoo emails are the ones being hacked. When I get these type of emails with only a link it is always a Yahoo account. Now the name of the person holding
                              Message 15 of 17 , Mar 8, 2013
                              • 0 Attachment
                                Only Yahoo emails are the ones being hacked. When I get these type of emails with only a link it is always a Yahoo account. Now the name of the person holding the account is placed in the subject line. I just got one from my brother and he has a Yahoo account.

                                Donna Ford Lee ♂+♀=♡
                                Tulsa, OK

                                Don't cry because it's over,
                                smile because it happened.

                                Sent Via My iPhone
                              • Your message has been successfully submitted and would be delivered to recipients shortly.