Loading ...
Sorry, an error occurred while loading the content.

Y-mail Account Hacking.. What to do?

Expand Messages
  • Sumit Mehta
    Today Y-mail account of one of the friends is hacked. We came to know when I and my other friends got e-mail from my friend, whose account is hacked, asking
    Message 1 of 2 , Mar 11 8:34 AM
    • 0 Attachment
      Today Y-mail account of one of the friends is hacked. We came to know when I and my other friends got e-mail from my friend, whose account is hacked, asking for financial help. He himself got the same mail in his gmail.com account. Also, the above mentioned mail was delivered in my Inbox by Gmail instead of Spam folder with red label from Gmail suspecting that the e-mail account of sender seems to compromised. So it was confirmed that his Y-mail account is hacked. This is his regular account. He has licensed version of Antivirus software installed. He has now changed his password. But I think this is not enough. I would appreciate if we prepare a check list of what should be done when Y-mail account is hacked. Because from the group mails of last few days, it is now beyond the doubt that Y-mail hacking seems to be very common thing for technocrats !!! 
       

    • lena_kiev
      ... Among spams via webmail using stolen password, such fraudulent spam usually is sent manually from Nigeria (or a neighbouring African country), unlike the
      Message 2 of 2 , Mar 12 10:45 AM
      • 0 Attachment
        > From: Sumit Mehta <sumit.mehta@...>
        >
        > Today Y-mail account of one of the friends is hacked. We came to
        > know when I and my other friends got e-mail from my friend, whose
        > account is hacked, asking for financial help. He himself got the
        > same mail in his gmail.com account. Also, the above mentioned mail
        > was delivered in my Inbox by Gmail instead of Spam folder with red
        > label from Gmail suspecting that the e-mail account of sender seems
        > to compromised.

        Among spams via webmail using stolen password,
        such fraudulent spam usually is sent manually from Nigeria
        (or a neighbouring African country), unlike the
        (predominant nowadays) link-only spam sent automatically using a botnet.
        If you send me (or post) full header of that spam then I'll tell you
        which country.

        Perhaps Gmail software deemed content of the letter to be
        highly probably spam and issued that red warning because the letter
        was sent indeed via yahooMail (DKIM and SPF pass).
        Even if yahooMail has a content filter on outgoing letters,
        the max it can do is to issue CAPTCHA - no problem for Nigerian cheap labor.

        > So it was confirmed that his Y-mail account is
        > hacked. This is his regular account. He has licensed version of
        > Antivirus software installed.

        Contemporary malware (drive-by exploit kits and stealthy encrypted
        polymorphic trojans) can disable or evade common antiviruses.
        Felons continually update the malware
        and successfully test it against antiviruses.

        > He has now changed his password.

        Never use the old password for that mailbox.

        > But I
        > think this is not enough. I would appreciate if we prepare a check
        > list of what should be done when Y-mail account is hacked.

        In case of such manual fraudulent spam ("asking for financial help") check
        Reply-To, signature, autoreply, list of email addresses in Account Info.

        If he wants to be sure that his passwords (not only yahooID password)
        cannot be stolen again then he has to use a free operating system
        instead of Windows on the same computer he's already using, for example:
        http://en.wikipedia.org/wiki/GhostBSD
        http://en.wikipedia.org/wiki/PCLinuxOS
        http://en.wikipedia.org/wiki/Linux_Mint
        http://en.wikipedia.org/wiki/Ubuntu_%28operating_system%29
      Your message has been successfully submitted and would be delivered to recipients shortly.