[TriLUG] I am my own boss...

David Burton ncdave4life at gmail.com
Wed Jan 25 15:41:59 EST 2012 

Vast numbers of people are getting their webmail accounts hijacked (Yahoo,
AOL, Hotmail, etc.).  The solution is almost always simply to change the
password.

Be sure to also immediately change the passwords for any other accounts
that used the same password, especially accounts associated with money:
 eBay, Paypal, Amazon, your bank, your brokerage, etc..  Change them to
something DIFFERENT from the new email account password.

I suspect that the bad guys are getting the accounts in multiple ways, such
as:

   - Harvesting your password when you check your email from an infected PC,
   - Spoofing legit web page logins to capture passwords,
   - Automated web searches for words associated with your email address or
   name (pet names, children's names, etc.) to try as passwords,
   - Perhaps infecting and capturing whole account databases from some of
   the web sites that require registering and logging in (knowing that many
   users recycle their passwords),
   - Perhaps dictionary attacks to discover weak passwords,
   - other ways that I haven't guessed.


I also suspect that they often wait weeks or months before using the
captured account info, thereby making it hard to figure out how they got it.

Dave



On Wed, Jan 25, 2012 at 3:17 PM, Jeff Schornick <jeff at schornick.org> wrote:

> A friend of mine (highly technical, but not a TriLUGer) had his Yahoo
> account abused in a similar fashion this morning.  The interesting
> part was that it apparently did not involve logging in, changing his
> password, nor did it register any sent mail in the process.
>
> Best be aware if you're a Yahoo mail user(*).
>
>  - Jeff
>
> (*) As the headers indicate Scott is, at least after a cursory glance.
> --
> This message was sent to: Dave Burton <ncdave4life at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> http://www.trilug.org/mailman/options/trilug/ncdave4life%40gmail.com
> TriLUG FAQ          :
> http://www.trilug.org/wiki/Frequently_Asked_Questions
>

More information about the TriLUG mailing list