Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Yahoo Mail account hacked?


  • Please log in to reply
12 replies to this topic

#1 G_MAN1974

G_MAN1974

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 20 February 2013 - 03:36 PM

Good afternoon everyone:

 

Yesterday morning, I went to check my yahoo email account.

 

In the spam folder I noticed a email to me from one of my other Yahoo accounts that I use when I sign up to online forums.

 

I obviously didn't send it to myself, so did some investigating.

 

I don't have any contacts in that account, and it looks like the spam email was sent to the two addresses I had in the sent folder, although the spam email itself was NOT in the sent folder. Nothing in the account settings appears to have been changed.

 

I logged into that Yahoo account. When I checked in the account information section, it showed someone had accessed my email at 4:14 am from Thailand via Yahoo Mobile.

 

I don not use Yahoo mobile, and in fact own no mobile devises capable of using the internet. I went to another computer in the house and immediately changed the password for that Yahoo account.

 

So, the question i have is, does my system have an infection, or is it an issue on Yahoo's end?

 

I have run full scans of my system using Norton Internet Security 2012 (up to date), Malwarebytes and SUPERantispyware. All came back 100% clean. Could there be something on my system these programs aren't picking up? Should I try running them with windows in safe mode?

 

i somethimes use my PS3 to check my emails instead of turning my computer on. Is it possible for the PS3 to get infected with maleware/viruses?

 

Any information you could provide would be greatly appreciated.

 

 



BC AdBot (Login to Remove)

 


#2 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 21 February 2013 - 10:19 AM

Little update:

 
Talked to my Dad this morning. Same thing happened to him today.
 
Somone in Thailand accessed his Yahoo mail account at 8:26 this morning.
 
So, does that mean it's more likely an issue Yahoo's end?
 
I have not found much online about a current issue, but did find something from the end of January 2013.


#3 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 22 February 2013 - 11:00 AM

Nobody??



#4 realitycheque

realitycheque

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 22 February 2013 - 06:23 PM

Although I don't have a Yahoo account myself, three relatives and two others that I know of have had severe issues recently. My husband is the latest victim that I know of. He started off his day by finding out that his email had sent out a request for funds to help him get back from a vacation in Mexico City. He has many contacts for both his business and volunteer duties, not to mention friends and family, so many went out. When he tries to access his account, he gets an old format page with all of his email and contacts gone. I have been looking for information all day to try to help him. It seems that this is truly a yahoo problem and I've found news articles to back this up, even though Yahoo doesn't seem to think it's important enough to report on their front page. Not sure if this helps you or not, but I really don't think it's a personal problem with your email or with your father's. I'm new to this site. I signed up just now after reading your post, and hoping that others will pipe up with their experience and possible fixes.



#5 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:30 PM

Posted 25 February 2013 - 11:55 AM

Hello,

Sorry for the delay.

With a single account hack usually I wouldn't suspect malware as the first culprit. A more likely scenario is either a weak password, password reuse, or something out of your control entirely. But, here are some questions just to be sure.

First, have you been experiencing any other symptoms that might lead you to believe that you have a malware infection?

Talked to my Dad this morning. Same thing happened to him today.

Have you used his computer to check the compromised account in the past? Has he used yours to check his? Have you sent him emails from the compromised account in the past, or vice-versa?

Have you checked the compromised account from any public computers, or public (unsecured) wifi?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#6 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 25 February 2013 - 03:41 PM

Hello Blade, thank you for responding.

 

I have used my Dad's computer to check my hacked yahoo account, but that was months ago. He has never used mine.

 

Neither of us have ever used our computers in public, or even logged into the Yahoo accounts from computers outside the house.

 

As for noticing other things:

 

About 6 weeks ago, I had a blue screen while my pc was booting up. Unfortunately, I was not able to see the error message before it went to the screen asking for me to choose boot in normal, safe ect. It has not happened since.

 

A few days ago, after I discovered the Yahoo account issue, in the bottom bar where the clock is, a dialoge box popped up like the one that comes up when you put in a new usb stick and windows installs the drivers for it. Again, it disappeared before I could get the message, i think it said updating drivers but for what I don't know.



#7 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 25 February 2013 - 03:49 PM

Forgot to add:

 

Yesterday while online, I THINK Firefox opened a new browsing window on it's own. I say i think because my mouse scroll wheel is broken, so when i want to move down on a web page, i have to click the down arrow in the right margin. 

 

The site I was on had an advertisement right next to the margin, so it is entirely possible I wasn't over far enough and accidentally clicked the advert instead of the down arrow.

 

After that I again ran scans of Norton IS 2012, Malwarebytes, SUPER antispyware, and Spybot, all clean. 



#8 Blaize

Blaize

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:30 PM

Posted 25 February 2013 - 05:58 PM

I am expirencing a very similar issue as the OP and when I googled it I came upon this thread. I would like to add that I too received a large amount of failed delivery messages from a Yahoo account this morning. The account that was affected is one I use for signing up for store coupons, newsletters and such and mind you, I can't remember when I last logged into this particular account. I have only used a Mac, Iphone and Ipad for the last several months. I checked the history on the Yahoo account and it showed it had been accessed by Yahoo Mobile from UT, US at 8:06 this morning which was definitly not me. I also received a copy of the email being sent out as it mailed a message to one of my other email addresses. The message showed my Yahoo account address in the from box, my name in the subject line and a link that included agroafora.eu in it but there were no copies of these emails in the the sent folder. However, there were quite a few of my previous emails I knew I had sent but never deleted. I could also determine the addressees being used were from the sent box and not contacts, I only have a few names in the contacts.

 

I called Yahoo and I was told that I was not the only person this was happening to and they were working on. He also directed me to change my password which I did. However, from my search on Google I can see this is a huge ongoing issue with Yahoo. It will be a huge hassle but I may be better off closing this and my other Yahoo account and doing something more secure. The idea that someone was in my account really unnerved me, were they reading everything or is this some type of virus that is just scooping up addresses to mail spam with?



#9 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 27 February 2013 - 05:27 PM

Also just remembered about a month ago, everything booted up and when I went to click an icon on the desktop, it didn't do anything. Non of the icons were responding. I rebooted, and they all functioned normally again.

 

I had an issue yesterday trying to download the update for Adobe Flash player. Anfter it downloaded, I went to install and firefox and Adobe came up as not responding. Took me a couple tries to get it installed.



#10 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:30 PM

Posted 27 February 2013 - 05:41 PM

I am expirencing a very similar issue as the OP and when I googled it I came upon this thread. I would like to add that I too received a large amount of failed delivery messages from a Yahoo account this morning. The account that was affected is one I use for signing up for store coupons, newsletters and such and mind you, I can't remember when I last logged into this particular account. I have only used a Mac, Iphone and Ipad for the last several months. I checked the history on the Yahoo account and it showed it had been accessed by Yahoo Mobile from UT, US at 8:06 this morning which was definitly not me. I also received a copy of the email being sent out as it mailed a message to one of my other email addresses. The message showed my Yahoo account address in the from box, my name in the subject line and a link that included agroafora.eu in it but there were no copies of these emails in the the sent folder. However, there were quite a few of my previous emails I knew I had sent but never deleted. I could also determine the addressees being used were from the sent box and not contacts, I only have a few names in the contacts.
 
I called Yahoo and I was told that I was not the only person this was happening to and they were working on. He also directed me to change my password which I did. However, from my search on Google I can see this is a huge ongoing issue with Yahoo. It will be a huge hassle but I may be better off closing this and my other Yahoo account and doing something more secure. The idea that someone was in my account really unnerved me, were they reading everything or is this some type of virus that is just scooping up addresses to mail spam with?

Blaize, please start your own topic for assistance with your issue. As each situation is unique, helping multiple people in one topic quickly becomes unwieldy and confusing for everyone involved.

***************************************************

G_MAN1974, except for the pop-up none of that sounds like malware. . . and since you've only had a single pop-up I wouldn't call that an infection either (your alternate explanation seems far more likely). It sounds to me like your account was compromised not due to malware, but due to one or more of the other factors I first listed. My recommendation would be to always use strong passwords, and do not use the same password everywhere. As for the various other issues listed, if they continue to recur please feel free to create a topic in the appropriate forum for assistance.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#11 G_MAN1974

G_MAN1974
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 27 February 2013 - 07:38 PM

Thanks Blade.

 

I'm probably just being paranoid because I had a nasty infection with the Smart HDD and Google re-direct last September. It was long before I discovered Bleeping Computer, so i ended up just wiping the HD and reinstalling the OS from the Dell discs that came with my computer.

 

I'm comfortable doing that, but it's just a hassle having to download all the Vista updates again.



#12 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:30 PM

Posted 27 February 2013 - 08:00 PM

Definitely understand the uneasiness. However, given the factors here I think we can say you're not infected.

And yes. . . definitely understand the update hate. :)

Best of luck!

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:30 AM

Posted 27 February 2013 - 08:20 PM

Hi -

Along with the top advice given by Blade, just an extra that you may or may not already know about.

Along the top line of the Email page are a set of symbols. One is a Gear cog with an arrow pointing down.

You can click on this and select Full Header to read who, when, and where the email came from.

 

It takes a minute or 2 to read it, but their sender Email is listed and often an IP address also.

I have used this several times on suspect emails that get over the Spam folder, and it works quite well.

 

If you ever report any item to Yahoo (for what its worth) you need to post this with your report -

 

Keep up the fight to get spam off our Yahoo email accounts. Also change your password every 6 months. (I do)

 

Thank You -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users