In the past week I have received emails from 2 friend’s Yahoo email accounts — sent by hackers! The emails contained a link which, had I clicked it, would have done who knows what.
The hacking attack which was used to take control of my friends email accounts used a security vulnerability at Yahoo to copy an access cookie that had been issued from Yahoo. This access cookie gave the hackers full access to the email account until the cookie expired. This attack did require my friends to click on a link, either in a website or in an email.
What you should take away form this? Don’t click on suspicious links! If you have any doubts about a link in an email contact the sender to confirm it’s legitimacy. If you don’t know where a link is going to send you then it is suspicious. Also keep in mind that the text of link may not reliably reflect the target. If you mouse over a link your computer should show you the full URL where it will take you — if it is different or odd do not click it!
If you want more information on the specific Yahoo security break Arstechnica has written an excellent article: how yahoo allowed hackers to hijack my neighbors e-mail account
If you think you were the victim of this or another email hack there are some steps I strongly recommend you take:
- change your password — both in this account and anywhere else you used the same password. Don’t forget that the hackers had access to all you emails, can google your name and email, or just guess other websites or accounts you might have logins with. I suggest using different passwords when possible, especially for sensitive logins like banking and email.
- check your email accounts security settings to ensure they have not been changed — wouldn’t want the hackers to gain access via a future lost password security question
- inform your contacts your account had been hacked and not to click on any links they may have received. You might have exposed them to the same hack and they may not realize they have been compromised