DescentBB

embarrassingly, my yahoo email account appears to have been hijacked. spam emails have been sent to all my contacts. Not sure how this could have happened. I did not download any programs, but I was at an airport internet cafe yesterday and accessed my email (not sure whether I also checked this acccount, though). Also I remember that 2 weeks ago or so I could not log in to yahoo, because my password was broken. It took several attempts plus changing/re-changing my password to get in.

I am running Mac OS X Snow Leopard.

I would be very grateful for any advice/recommendations.

Change the \"lost password\" email address and questions you use and change your password. You probably got hit by a phishing attack. Check over your account for any other changes.

thanks, Krom. Do I need to worry about my other accounts as well?

I would check everything that uses the same password or that you registered using that account.

Gmail has \"filters\" which are commands that can do jobs like forward/cc all email to another address. Check if yahoo has something similar. edit: There could be a problem. edit edit: Someone has a blog about losing their high traffic website because the domain address code was forwarded to a bad guy.

Also run a search in your inbox for the word \"password\". For each hit, adjust what ever account it's associated with.

Now that tax information is on my google accounts, I don't check my email on any computer running windows.

Yes, check that mail forwarding is not turned on and that there are no filters set up. They usually will take over email accounts and use them to spam from but also have all email forwarded to another account. So if you aren't receiving any new email - check the forwarding option.

thanks guys. Nothing of the sort seems to have happened. changed my password etc. and deleted all my contacts (was 6 years out of date anyways), fingers crossed it won't happen again. If it does, I'll just delete the account, it's 70% spam anyways.

It just irks we to not know how it happened. I read somewhere that it might be related to yahoo messenger (that i subscribed to when I was in a clan) being linked to the address book. It can then be hijacked when I click on a stupid link without my account being actually compromised. Does anyone now about this?

I think a keystroke logger is what you're a victim of. Anyone with any computer skill level can install one. And many of them are free.

Remember to change your account security questions, the ones that you would use if you ever lost your password. It is standard for someone who has compromised an account to change those so if the real user resets the password they can still get back in.

thanks for reminding me, Krom. I actually forgot to do this.

Isaac, so you think it happened at the internet cafe? They seemed to relatively secure, it was one of these interfaces where you cannot get down onto the OS level. But of course, anyone could just click on a link and download it, I guess.

I *think* I am relatively secure with my mac. But I did a complete scan for malware just to be sure and nothing turned up.

Isaac wrote:Gmail has "filters" which are commands that can do jobs like forward/cc all email to another address.

*EDIT*
Yup, I've heard that. I have a Y! Mail account that has 1441 spams. I already blocked them but didn't work. =/

I prefer Gmail. It's pretty good and fast.

yeah its funny. This address was the first I signed up to when I tried out the internets 15 years ago or so. Amazing how far behind yahoo has fallen since then...

A hacker got my Gmail account name (and a truckload of other users) when they hacked into a forum website (not here) I was registered on. At least they didn't get access to it or the password, but now I get Viagra spam 4 times a day! $#^&%(*$@!

I like how gmail runs like a desktop application, in a browser. And you don't have to reload the whole page when navigating. It's why I left hotmail.

Pandora wrote:Isaac, so you think it happened at the internet cafe? They seemed to relatively secure, it was one of these interfaces where you cannot get down onto the OS level. But of course, anyone could just click on a link and download it, I guess.

If it seems secure it probably is. If it looks like a new instance of windows every time you log on, I would say it's pretty safe.
But please know that there are usb keyloggers that you plug the keyboard into. Always check. http://www.keyghost.com/USB-Keylogger.htm
And the cafe owner and employees could install anything if they're dishonest. But they're already getting your money so I wouldn't worry too much about them.

You just gave me an idea. I have 2 gmail accounts. One of which I never use. I could forward my email to this second account so I could check it on strange computers. I could also choose what gets sent. And if it gets highjacked, I won't care.

Pandora wrote:I *think* I am relatively secure with my mac. But I did a complete scan for malware just to be sure and nothing turned up.

Your mac is pretty safe. But some wifi hot spots can be a security risk. Chrome gives warnings when you connect to something like this.

Isaac wrote:I like how gmail runs like a desktop application, in a browser. And you don't have to reload the whole page when navigating. It's why I left hotmail.

I did the same exactly. Gmail is very good as changing themes. Less spams.

I have a plan to quit M$'s mail because it annoys with their stupid advertisements that shrink my freaking email display. I hate it so much.

I feel Microsoft wants my money with their ads of Office, Xbox, and etc.

I tried Hotmail recently, but quickly ditched it; I thought with all the push around Bing, maybe Windows Live would bring the other services up to scratch as well. Apparently not.