Monday, September 5, 2011

My Yahoo Account Got Hacked

I was away on a road trip to Bend, Oregon this labor day weekend.  When I opened my iPhone on Sunday morning to check my e-mails, I had numerous unread e-mails.  They were all undeliverable e-mails to addresses on my Yahoo address list that were no longer active.  Since my gmail address is listed on my yahoo account address list, my gmail account received a few of these e-mails.  I was able to see what e-mails were being sent from my yahoo account to everyone else in my address book who had an active e-mail account.

I opened my yahoo account in 1996, essentially to keep in touch with a few of my high school friends.  My address book had been slowly building up:  high school friends, a couple of high school teachers, college friends, co-workers (California, Portland, Seattle District Corps of Engineers, Port of Seattle, Iraq, Bosnia), former bosses, and other friends.  Many family members are also in my address book.  We have a couple of family yahoo group accounts. Fortunately, I haven't been adding too many to the address book since I created my gmail account three years ago.

So apparently, I had been sending e-mails to a great number of people about "great sex", "fantastic orgasms", etc.  I got some humorous responses from a few people concerning the e-mails.  Don't open the link to these e-mails.  It is just a link to a Canadian online pharmacy -- at least on the link that I opened using my iPhone. They may also infect your computer if you don't have the right safeguards.  Yahoo has had these issues many times before.  I also receive many spam e-mails thru my Yahoo account.  Most are filtered and designated as spam mail. Some do not, and make it thru as "regular" e-mail received. This is one reason I opened a gmail account.

There are a few things that you can do to help prevent this:

1.  Change your yahoo account password regularly.  I did this immediately after I found out about the e-mail issues.

2.  Save your e-mail address list somewhere else.  I will start to compile and save my yahoo address list (a hard copy and an e-file); once complete, I will empty my yahoo address list .

3.  Open a new account.  (Gmail has been fairly reliable.  I have not had any spam in my nearly 3 years with them.)  This may be a bit harder because your yahoo account may have been your primary e-mail account for a long time and switching to a new address may result in losing some of your contacts, unless you personnaly send each one an e-mail.

On a related note, I also edited my profile to remove my home address (it used to be required when you signed up for an account).  Just your your city and zip code should do.  Mark off all marketing preferences that allow your e-mail address to be used for such things (I already had these settings checked).  Don't put any phone info, home or mobile (I do not have any listed).  There are a few other things you can change on your Yahoo account profile.  This may not prevent your account from getting hacked, but it limits the personal information that can be hacked.  I guess the advice goes also to any other web accounts and profiles in social networking sites. 

More related notes:  I checked a few of the sites that offer to provide personal info on people for a fee.  I checked the info on me (just the basic info, without paying) -- one site had my profile as a rich, married, Caucasian man.  It did have many other information on me correct (age, addresses (current and several previous ones), religion, etc.).  Most of these info are gotten from public records such as from the county (property transactions).  The bill of lading for my household goods shipped from Abu Dhabi to Seattle is available in the web.  The Department of State contractor/sub-contractor which handles DoS shipment had this document uploaded and stored online.

Anyway, boo on Yahoo for not keeping their system safe from hackers.  I will slowly wean off from my yahoo account and use it only for non-essential use.  There are still a few sites that require input of an e-mail address; I can always use my yahoo e-mail address for these things.

No comments:

Post a Comment