dslreports logo
    All Forums Hot Topics Gallery
Search Topic:
share rss forum feed


2 recommendations

reply to mattrixx

Re: E-Mail "Contact List" Hack

said by mattrixx:

Not sure if this is the correct forum for my gripe, but what is going on with AT&T, Yahoo, SBC Global etc. E-Mail vulnerability?
Can something be done to prevent or avoid further attacks? Anti-Virus and Anti -Malware Programs can't seem to deal with this problem and the ISP is clueless!

This has been a recurring issue for some time. In the past there was a rash of victim accounts where everyone in their address book were spammed with links for Chinese knock off product's websites. The support forums for both Yahoo and Microsoft live/hotmail were flooded with complaints of compromised accounts. Several reports of compromised accounts came from knowledgeable users who used complex passwords unlikely to be compromised via brute force.

I doubt that your PC has been compromised. If you use an email client, turn previewing off. When you log in to a webmail account, do so in a single web browser session, and make sure to log out as soon as you are finished reading and/or sending email. Do not stay logged in to your email account when browsing the web. Make sure that auto displaying/downloading of images from non trusted senders is off. The best strategy is to practice risk mitigation.

There are still ongoing issues with accounts compromised via session cookie hijacking. There are numerous internet postings on on email session cookie stealing, e.g.:

Reference: »cyberprotector.blogspot.com/2012 ··· ing.html


Technically feasible
West Hartford, CT
Thanks for the info on how this is happening.

I'm going to explore the Yahoo Messenger angle as well [anyone know if MSN Messenger would do the same for Hotmail, or AIM for AOL?], the next time I have to troubleshoot this issue.