A humorous exploration of a Canadian's life in Australia.

Friday, January 25, 2013

Yahoo struck again...

Yeah, I have an old, defunct Yahoo Mail account. I abandoned it about a year ago in favour of another free-mail provider mainly because I was sick of the ads and the spam. Granted, Yahoo did a lot better with the later than Hotmail which I dropped in less than a year.

So today, basically anyone and everyone that I've ever sent an e-mail to from my yahoo account over the years has received at least one piece of malicious spam.  The funny thing is that unlike the normal spam-crap that gets triggered by malicious links, this one didn't require it.  I check my yahoo account every few months, but aside from checking to see if some long-ago contact as tried to get in touch with me, I don't open/read mail from this account, so no chance of a malicious link... The other thing that was curious is that many of the spam attacks use address books, which is one reason I keep my address books empty. It appears to have used e-mail addresses from my sent-items list. It wasn't my Inbox / folders because some of the addresses I saw listed from the auto-replies and responses from confused people were addresses I would have sent the odd inquiry to, but never received or kept any response from. I have always purged my sent folder periodically but there was still about 4 pages of e-mails in there. I wiped it all out before I checked, but at least one of the one-off e-mail addresses I saw in a response likely wouldn't have still been in my sent box since the last purge. There was no trace of the "sent" spam in my sent mail folder either, though I don't know if many mail hacks actually work through the mail client like that.

From what I can tell, and what I've been reading, it's quite possible that my Yahoo account wasn't compromised, it may have been the actual Yahoo service that was compromised.  Either way I've taken the precaution to change the account password, plus purge all messages from the various folders in the account, and run a current malware scan to be safe.

So, if you've gotten a bit of crap from my yahoo mail account, I do apologize for not being diligent enough when I retired that e-mail address. Please delete it, and if you're on Yahoo in particular, clean out your folders/address book, change your password, and hold your breath...


No comments:

Post a Comment

About Me

I live around sunny Brisbane working around the city and generally trying not to make too much of a nuisance of myself.