| Author |
Topic: My Yahoo email hacked |
Bill Leff
From:
Santa Cruz, CA, USA
|
Posted 12 Mar 2010 11:08 am |
|
My Yahoo email account was hacked last night. They sent out the following email to all of my contacts, ,then deleted my contact list so I couldn't easily send a note to everyone advising them of the phishing email they sent.
Apologies if anyone reading this has gotten this!
I have closed the Yahoo account, changed all my online passwords, run virus scans (nothing), Ad-Aware malware detection (nothing), updated my browser, etc.
I'm worried about keylogging and browser hijacking.
Here's the email (DON'T CLICK ON THE LINK!):
Hi, I really don't mean to inconvenience you right now but I made a quick trip to London UK early this week and had my bag stolen from me in which contains my passport and credit cards. I know this may sound odd, but it happened very fast. I've been to the US embassy and they're willing to help me fly without my passport but I just have to pay for my ticket and settle some bills. Right now I'm out of cash and I can't access my bank without my credit card here, I've made contact with them but they need more verification. I was thinking of asking you to lend me some funds now and I'll pay back as soon as I get home. I need to get on the next available flight.
Please reply as soon as you can if you are OK with this so I can forward the details as to where to send the funds. You can reach me via May field hotel's desk phone if you can, the numbers are, 011447024051751 or 011447024043675 or via my blackberry at bill.leff@ymail.com. |
|
|
|
Clete Ritta
From:
San Antonio, Texas
|
Posted 12 Mar 2010 11:21 am
|
|
Someone tried this almost Identical scam on a phished facebook account of an old acquainance. I was asked to lend him $ abroad, in the UK. Said he was mugged, lost all etc., very similar story. I almost fell for it! I removed the friend on facebook. Watch out for anything like this!
Clete |
|
|
|
Bishop Ronnie P Hall
From:
Detroit, Michigan, USA
|
Posted 12 Mar 2010 12:02 pm "Yahoo E-Mail Hijacked"
|
|
Hi Bill,
I received my "plea inquiry" this morning, I replied by asking a two part security question.(1) Where was your wife born? (2)In what city did she grow up? I added, "If this is a legitimate inquiry, "you" will know this!" Needless to say there was no answer!
Maybe, some of your other "friends", might find this helpful to ask such a question, even if it is what is my Dog`s name?, etc.
On the other hand I am deeply sorry for such a thing like this to happen to you, my old friend, my prayers, and encouragement is with you.
Bishop Hall (Ron)
_________________
Goldensacredstrings
goldensacredstrings@gmail.com
http://www.youtube.com/user/goldensacredstrings |
|
|
|
Bill Leff
From:
Santa Cruz, CA, USA
|
Posted 12 Mar 2010 1:09 pm
|
|
Thanks Ronnie. I'm dealing with it and so far so good.
However, I know they not only got my Contact List but saved things in folders, sent mail etc.
Lesson learned - if you want to save something, save it locally to your own computer. The public email sites like Yahoo will not help you to recover anything from their servers.
The "cloud" ain't all it's cracked up to be... |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 13 Mar 2010 9:03 am Identifying and reporting Nigerian financial scams
|
|
What we have hea is a failua to communicate!
This is a Nigerian money scam. These people are among the best in the world at scamming Westerners out of their hard earned money.
If you get an email from somebody that doesn't address you by your proper name, and is asking for money, distrust that message. Emails contain hidden content, called "headers," which contain the paths take from the sender to the recipient. If you are willing to do something about these email scams you can display the email headers, copy them in full, then paste them into a SpamCop report and file it. Basic membership is free for low-volume spam reporting members.
I have already published a lot of information about how to display these hidden headers, inside this Sticky Post: How to Display Email Headers For Reporting Scams or Spam.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
John Cipriano
From:
San Francisco
|
Posted 13 Mar 2010 6:16 pm
|
|
Without having any other information to go on, I'd suspect that the password was an easy one to brute force (ie a dictionary word) before I suspected keylogging. However, it could have also been a hijack, like you say.
If you like the convenience of webmail, I recommend combining a service like Yahoo or Gmail with the occasional backup that you can do over POP (make sure you tell the client to leave messages on server) or even better, an automated IMAP backup tool. I haven't used this but it looks interesting:
http://www.gmail-backup.com/
I have seen scores of people lose their locally stored mail to a hard drive crash. If you store your own mail, keep backups. But POP is unnecessary in this day and age. Just use webmail or IMAP and keep backups. |
|
|
|
Leroy Riggs
From:
Looney Tunes, R.I.P.
|
Posted 10 Apr 2010 7:21 am
|
|
Wiz, now my wife's Yahoo email has been hacked and someone is sending email to all her contacts with a simple link contained within it. I don't know what is on the site because Norton blocked the site when I tried to access 'her' link suggestion.
I have downloaded Spybot S&D and ran a full system scan. The only things that were found were files associated with the MyWebSearch junk (I have since removed it from her system completely).
She is also a member of Facebook.
Any suggestions an a solution? |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 10 Apr 2010 8:34 am
|
|
| Leroy Riggs wrote: |
Wiz, now my wife's Yahoo email has been hacked and someone is sending email to all her contacts with a simple link contained within it. I don't know what is on the site because Norton blocked the site when I tried to access 'her' link suggestion.
I have downloaded Spybot S&D and ran a full system scan. The only things that were found were files associated with the MyWebSearch junk (I have since removed it from her system completely).
She is also a member of Facebook.
Any suggestions an a solution? |
- Empty all temporary Internet Files/Browser cache.
- Delete all temporary files in the OS and in various user profiles. CCleaner is a great tool for doing this.
- Important step: Download, install, update and scan with Malwarebytes Anti-Malware. Have it remove all threats found, especially keyloggers!
- After scanning with MBAM and removing any malware found, change the Yahoo password to a strong one that is not in the dictionary, or delete the account and create a new one, with a strong password (a combination of uppercase and lowercase letters, numbers and punctuation keys).
- Stop using Facebook, home to the Koobface Trojan, or, only visit it using Firefox with the NoScript add-on blocking scripting.
- Use the email account provided by your ISP, rather than a free webmail account. Use a POP3 email client to compose, send and receive email. Windows Live Mail is my choice.
- Notify all of your/her friends about the security breach and advise them not to click on links sent from your hacked accounts.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Leroy Riggs
From:
Looney Tunes, R.I.P.
|
Posted 10 Apr 2010 8:50 am
|
|
Thanks Wiz, I'm in progress now.
I appreciate it. |
|
|
|
