Hijacked

Contributor

Hijacked

My at.net address list and mailboxes were hijacked and spam mail was sent to all addresses with my att.net address.  I wish to notify Yahoo of this hijack and provide any details they may need to secure this issue.  Also any assistance and other guidance for me to assure I remain Internet secure.

Message 1 of 8 (487 Views)

Re: Hijacked


kkr4u wrote:

My at.net address list and mailboxes were hijacked and spam mail was sent to all addresses with my att.net address.  I wish to notify Yahoo of this hijack and provide any details they may need to secure this issue.  Also any assistance and other guidance for me to assure I remain Internet secure.


Although it may be possible, it's not likely that your account was hacked at Yahoo.

 

Do you use any third party email programs to send and recieve your email.

If so, it could be your computer is infected with a virus or other malware.

 

When you send email do you use "reply to all" or "forward to all"?

If so, it could be that someone you sent an email to has an infected computer and you just sent them your address with all the addresses in your address book.





__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 2 of 8 (481 Views)
Teacher

Re: Hijacked

I have an opposite take on this since it has happened to me on two different accounts.  If you are using webmail or have a "My Yahoo" custom home page you are "logged in" and therefore in the clear.  When you enter the password it's encrypted, but from that point I think you're in the clear.  I don't normally use webmail, but one day I used it and left it connected most of the day.  The next day my contact list was used to sell Canadian Meds.  I have been using Yahoo mail since the 90s, back then it required an additional login to access the mail section, now if you are using your "My Yahoo" page, you're logged into both and your e-mail is wide open on a normal internet connection.  IMHO

Message 3 of 8 (467 Views)
Contributor

Re: Hijacked

That isn't what occurred the day the spam was sent, but it is a good point
Message 4 of 8 (454 Views)
Contributor

Re: Hijacked

My mail account rests on a YAHOO cloud server someplace. None of the information is resident on my PC. I'm not using something like Outlook for my E-mail platform.
Your late suggest does have some merit and I originally considered that.
Message 5 of 8 (454 Views)

Re: Hijacked


druco wrote:

I have an opposite take on this since it has happened to me on two different accounts.  If you are using webmail or have a "My Yahoo" custom home page you are "logged in" and therefore in the clear.  When you enter the password it's encrypted, but from that point I think you're in the clear.  I don't normally use webmail, but one day I used it and left it connected most of the day.  The next day my contact list was used to sell Canadian Meds.  I have been using Yahoo mail since the 90s, back then it required an additional login to access the mail section, now if you are using your "My Yahoo" page, you're logged into both and your e-mail is wide open on a normal internet connection.  IMHO


Uh.. in the clear?


If you're logged into your account, no one else can log in. If information was gleened while you were logged in, it's because your computer was infected. If Yahoo servers were being hacked, there would be a lot more than just a couple of folks on Uverse forum talking about it.


__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 6 of 8 (450 Views)
Teacher

Re: Hijacked

In the clear = not encrypted.

 

When I investigated all the activity was in the webmail application.  The addresses used were the ones in my online address book and the sent folder had copies of the malicious e-mail that was sent.  My desktop e-mail client  had nothing.  This has happened on various PCs and Yahoo accounts.  My one Yahoo account does not have POP3 access, only webmail.  And yes there are others not necessarily on this forum that have had this problem. 

Message 7 of 8 (443 Views)

Re: Hijacked

As I said, when you're logged in all other login atempts will fail. If someone tried a brute force crack on your password on yahoo, I would think the multiple failures would trigger a lock out on the account. The only way someone can get that data while your logged in is either if your on an unsecured connection (public wi-fi) or someone was reading the cached webpages on your computer or maybe a keylogger swiping your password. Ya, someone might be able to guess your password in 3 or 4 attempts, thus avoiding the lockout, but they would have to know you personally and you use an obvious password like a childs name or pets name or some other personal info. If your computer was infected, it's possible that it just used your connection to your webmail to send the spam thus leaving sent folder items. It's also possible with an infected computer that enough personal info could be swiped that someone was able to impersonate you to yahoo and change your password.

 




__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 8 of 8 (422 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.