[lug] WARNING! My Yahoo email account was hacked this morning!
Davide Del Vento
davide.del.vento at gmail.com
Sun Jun 9 18:59:30 MDT 2013
The problem I've found with this approach (with Google) is that I have
two phone numbers, one Italian and the other American. When I travel,
I often get problems with the phone in the other country. Google sees
the change of country from IP and tries to force me the two step auth,
which I can't use because of the phone issue (not to mention if the
phone is lost of stolen while in the other country). So I get
completely locked out: no phone, no email. Well I have the other
phone, but most people don't. It might be good for some people, but
for me (and people who travel) this two step thing is just a big PITA.
Please enlighten us if you know better (or if Y! does better than G)
On Sun, Jun 9, 2013 at 1:21 PM, David Frye <dafr at dafr.us> wrote:
> Yahoo! is now offering two factor authentication which is helpful to prevent this from happening.
> You can also check to see where the intrusion may have happened by accessing your Account Information and then viewing the Recent Login Activity. There is also a Manage App and Website Connections where you can disassociate any unknown devices or apps from your account.
> It's highly encouraged that you add your mobile number to your account and confirm or update your personal questions as ways to recover the account if you ever can't get in. Your phone number is secure and will not be used for any other purpose.
> Disclaimer: I work at Y!, but do not speak for them here.
> On Jun 9, 2013, at 11:48 AM, Dru Whitledge wrote:
>> Hmmmm. this of all places is where I would hope for some more detail. Most folks on this list are pretty techie and some terminally techie types who could help us all avoid the threat of what got you.
>> So, I assume that YOU also got an email with the -- "subject line "Enjoy!" and surely you didn't click on an unknown executable, but it got you anyway? Help us understand how it might get us. Have you identified what exactly did get you?
>> Mucho thanks,
>> At 12:00 6/9/2013, lug-request at lug.boulder.co.us wrote:
>>> Send LUG mailing list submissions to
>>> lug at lug.boulder.co.us
>>> Today's Topics:
>>> 1. WARNING! My Yahoo email account was hacked this morning!
>>> (Gail Austin)
>>> Message: 1
>>> Date: Sat, 8 Jun 2013 15:25:04 -0400 (EDT)
>>> From: Gail Austin <gail_austin_co at yahoo.com>
>>> To: lug at lug.boulder.co.us
>>> Subject: [lug] WARNING! My Yahoo email account was hacked this
>>> <1113724634666.1107416906074.4389.7.6152503 at scheduler.constantcontact.com>
>>> Content-Type: text/plain; charset="iso-8859-1"
>>> Hi All: This morning, my Yahoo email account was hacked. I believe that a bogus
>>> email that appears to have been sent by me with the subject line "Enjoy!" and just
>>> an attachment has been sent to everyone in my Contacts list. So I am sending out
>>> this warning - please don't open the attachment in any emails from me that just
>>> have an attachment! My apologies for this inconvenience!
>>> Best regards,
>> Web Page: http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
More information about the LUG