It has chine to my attention that contacts in my Yahoo email are getting spam messages originating from my email address. If course I didn’t send then and they aren’t showing up in my sent folder, so apparently my account had been compromised and had been hijacked by a spammer. So what do I do now to stop it? Will changing my password be sufficient tostop the spamming?
I’m not sure how they managed to get my password (if that’s how they get access), it’s ten letters and the numbers, I can’t see someone spending that much time guessing that one when there surely are Lowe hanging fruit out there. If changing the password isn’t enough, what do I do?
If you use the same password anywhere else (say, a message board, an online store) with the same username or with your Yahoo email address, that’s probably how your account got hacked. Someone got a database of usernames and passwords from somewhere else and is trying them all out at Yahoo, and using the ones that work.
If there’s nothing in the sent folder it could be that the spammer deleted everything.
But, if you don’t use that password anywhere else, runner pat’s suggestion is probably the right answer.
How sure are you that it’s coming from the yahoo servers? Did you verify it by looking at the “Received:” headers in the source messages of the spam? There are two ways that people can get spam from obbn@yahoo.com:
A spammer sends an email with a forged “From: obbn@yahoo”. This can be done from anywhere.
A spammer has actual access to your yahoo.com account. He logs in and sends the spams directly from your yahoo email account.
#1 is the most common kind of spam. It’s called a Joe-Job where they fake a From address. #2 is rarer. It happens when a hacker gets access to your email login/pw. The most common way is that some other website was hacked where you used the same email/pw combination.
You said that your yahoo pw was unique. Are you 100% sure? What about your secret questions? Maybe the hacker got those from another site you use and broke into your account that way.
In any case, change your yahoo pw. The hacker also had access to your inbox and may have downloaded that to find out what other accounts you have (bank/amazon/facebook, etc). Be sure to change those passwords as well.
Thanks for the link. It shows access only by me EXCEPT one instance occurring yesterday from Georgia. Very strange, I really can’t imagine someone getting my password, I believe that ten letters and the numbers would be pretty strong. This, in the scheme of things really isn’t a big deal, however I am very interested how it’s being done. They certainly aren’t accessing my email for any information, if they are they are going to be very disappointed. Most of my emails are stupid pictures sent to my friends and midget jokes!
Well, I spent a bit more time on the Yahoo link that ** DWMarch** provided and noticed that not only does Yahoo list the State the unauthorized access occurred in, but it lists the IP address of the computer used I’m the caper. Now, because I find thus very interesting and I am bored (mostly bored), I’m wondering if there is an easy way to convert this IP address into a particular city and perhaps even a particular area in a city. I realize that one can even go so far as to narrow it down to a specific address, but I would assume that information if not available to the general public.
So, maybe I read too much Sherlock Homes as a kid, but I now have a mission to help me kill a little time. Does anyone here know how I can decode an IP address? If it helps the IP that Yahoo shows as accessing my email was 166.205.55.27 Any help would be appreciated!
Googling the IP address a first search return which points to an online IP address lookup. According to that info, that IP address is a Cinglar (AT&T Wireless) proxy server in the Wichita, KS area, not anywhere near Georga (US or country). But it’s a proxy server; if it’s being used legitimately, the actual remote endpoint would probably also be in that area (local cellular internet provision), but if being used as a relay, the remote connection could be from anywhere online.
Changing your password should do it. There’s been some kind of Yahoo exploit where a spammer can faux-authenticate as you and send spam to people in your contacts. As I understand it, they never actually gain full access to your account to take it over - all they could do is to leapfrog over an authentication step and start sending spam.
