[OLPC library] Yahoo accounts hacked? Re: link from Carlo Falciola "dangerous"
S Page
info at skierpage.com
Mon Jun 18 17:47:39 EDT 2012
Chris Leonard wrote:
> It happens to the best of us, and you are not the only OLPC/Sugar
> contributor that this has happened to in the past week.
For what it's worth, Carlo's is the 5th spam messages that I've received
from known contacts in the last two months, *all from Yahoo mail users*
(until Caryl's spam from a hotmail account). I think the bad guys have
at least figured out how to spy on Yahoo e-mail traffic and have
probably compromised a number of Yahoo accounts so they can contact
Yahoo webmail as "you" to deliver messages to your contacts. But I find
no news story about this.
If you have a Yahoo account, consult their guideline "My account may
have been compromised" at
http://help.yahoo.com/kb/index?page=content&id=SLN3420
> The Internet is a scary place sometimes and these things happen.
Indeed.
* Always connect with httpS, particularly when entering a password.
Unlike Google, Yahoo doesn't enforce this,
* Only use the same password for multiple web sites if you don't care
about all of them getting compromised.
* If someone sends you a link without any context, be very dubious.
I followed the spam links in the text-mode Lynx browser (no
Flash/JavaScript/plug-in vulnerabilities), and each goes to a different
page on compromised sites that redirects to a fake Fox/MSNBC URL that
presents a fake Fox News site just to rave about some deit pils
(misspelled to avoid spam detection). I believe the appropriate
response is "Oy vey" :-)
Cheers,
--
=S Page
More information about the Library
mailing list