Categories: Internetsecurity

Yahoo! Mail security issues.

I’m seeing a lot of issues with Yahoo Mail accounts being compromised, so I’m posting my notes here and will update as I understand the problem better.  An example is when you get e-mail from friends with a single, SPAM URL in the message and it’s sent to 10-15 people (in alpha order) from their Yahoo! Contacts.

I suggest that you NOT check the box ‘keep me signed in’ when you log into Yahoo Mail (highlighted in red rectangle on screen shot below).  From what I can tell, some web sites with malicious content take advantage of cached Yahoo credentials and send mail with these SPAM links to everyone in your Yahoo contact list.

I also recommend using “two factor authentication” wherever possible.  Two factor authentication uses something you know (your password) with something you have (phone number, cell phone).  When accessing a web site, you enter your password (something you know), and then are prompted to enter a code sent to your phone (voice), or your cell (text), which are things you possess.  This is used when resetting passwords on your bank or credit card web sites.

Another option is to consider moving to Google Mail which appears to be more secure, and I know from testing that Google’s two factor authentication is quite comprehensive and I use an Android app on my cell phone to generate a code.


Yahoo login – do not

Yahoo Two factor authentication reference links

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now

http://www.pcmag.com/article2/0,2817,2409477,00.asp

Paul Begley

Share
Published by
Paul Begley

Recent Posts

Home computer security recommendations

I recommend you keep your Windows OS patched and be sure to update all the…

1 year ago

Internet speed tests

With more people streaming and general Internet use increasing, I get questions about measuring home…

1 year ago

Windows endpoint security recommendations

Friends and family have asked about antivirus and security recommendations. This is a quick summary…

1 year ago

Home network update – Meraki to Netgate

I avoid frequent changes to my home network. My stated goal is to design and…

2 years ago

PiHole update – certificate error

Attempting to update PiHole from the command line, I received the error below: [i] Downloading…

2 years ago

Obituary – Maureen Begley

Maureen A. Begley (nee Burchill), age 91, of Chillicothe, Ohio, formerly Moorestown and Mount Laurel,…

3 years ago