The entry below came from Acid's Multiply blog, and it is a very horrifying story and experience.
I hope everyone will be warned about the email-nappings. I encountered this already and got lucky to survive the attack... luckily, I recovered my email password after 24 hours.

My Yahoo Mail was a fave attack target last year, and now my Gmail account is the target of these hackers.

Just remember, never open a weblink from an unknown YM user.
Or if someone sent you a weblink offline, don't open it, and ask the sender what the URL is for.

Phished, Hacked and Attacked
by: http://acid42.multiply.com/


week, I got an innocent-looking offline YM message from a contact of mine–someone who doesn’t usually send me links. Stupid me, I clicked on it, and was sent to a blank page. I didn’t think anything of it at the time. Probably a mistake, I thought. Packed up my stuff, went home.

At home, upon checking my GMAIL addy, I found a message saying I had successfully changed my Yahoomail password. Whaaat??? I frantically opened my YahooMail page (which is set to always be logged in, here at home) and tried to change my password. It would not work without my current password, at which point I tried to ask for my own password.

Yahoo has this inscrutable, complicated process in which you confirm your identity first before being able to: change your password, ask for a replacement password, delete your account, or even just send email to customer care. This is all great for security yeah… EXCEPT I HAD JUST GOTTEN MY EMAIL ADDRESS HIJACKED so pardon me if I felt ill will towards the red tape.

My registration details did not match what they had on record. Meaning, whatever got control of my email account password, also got into my registration details and probably changed them. Meaning, my email to customer care telling them that I had lost control of my email account, DID NOT GET THROUGH to an actual human being. Meaning, goodbye email addy of 8 years.

So I spent most of that sleepless night exporting member lists of my multiple mailing lists, and transferring ownerships of those lists to different members, to ensure that the hacking would not include deletion of my yahoogroups.

Unfortunately I did not have the time to delete my address book or emails. Meaning, someone or something out there may have access to your email address. And may use my old email address in order to phish for your account details.

So please, disregard any email coming from acid42@YAHOO.com. And especially disregard any YM message coming from acid42. Delete that account from your YM contacts list please!

My primary email is now acid42[at]GMAIL[dot]com. And my YM ID is now lionel_valdellon.

+ + +

Things I’ve learned from my research.

1. It is dangerous to click on links from within YahooMessenger.
Even if it’s from people you know. Always ask where any link they give you leads. If you must follow a link, then copy the URL and post to your browser window.

2. Phishers target YM to send malware.
http://www.internetnews.com/security/article.php/3492996

The attack starts with an IM message from a user’s buddy list. The message directs the users to a site where they log in and reveal their Yahoo identity and password. The phisher then gains access to all of the user’s personal ID stored as part of the individual’s Yahoo account.

3. It is dangerous to keep your email account ALWAYS LOGGED IN.
The hacking code probably got my password from my browser cache, since I am always logged in here at home. NOT ANYMORE!

4. Keeping a password on your clipboard isn’t safe if you BROWSE THE WEB.
While some advocate copy-pasting your username and password from an existing text file or blog entry online, apparently there are ways to find out what’s on your Windows clipboard. Solution: …….. I’m not really sure. Maybe copy-paste your details and then copy something else immediately after? Would that work? Maybe. I dunno for sure.

2 Comments

Anonymous said…
That's too bad az, you should have made your PC more secure in the 1st place, like installing a good antivirus. Norton or AVG won't cut it in blocking those kinds of sites, I suggest you get NOD32.
I already got AVG.

My friend Acid was the one who got the virus incident.

Anyway... what's a NOD32??