reply to mattrixx
Re: E-Mail "Contact List" Hack
said by mattrixx:This has been a recurring issue for some time. In the past there was a rash of victim accounts where everyone in their address book were spammed with links for Chinese knock off product's websites. The support forums for both Yahoo and Microsoft live/hotmail were flooded with complaints of compromised accounts. Several reports of compromised accounts came from knowledgeable users who used complex passwords unlikely to be compromised via brute force.
Not sure if this is the correct forum for my gripe, but what is going on with AT&T, Yahoo, SBC Global etc. E-Mail vulnerability?
Can something be done to prevent or avoid further attacks? Anti-Virus and Anti -Malware Programs can't seem to deal with this problem and the ISP is clueless!
I doubt that your PC has been compromised. If you use an email client, turn previewing off. When you log in to a webmail account, do so in a single web browser session, and make sure to log out as soon as you are finished reading and/or sending email. Do not stay logged in to your email account when browsing the web. Make sure that auto displaying/downloading of images from non trusted senders is off. The best strategy is to practice risk mitigation.
There are still ongoing issues with accounts compromised via session cookie hijacking. There are numerous internet postings on on email session cookie stealing, e.g.:
West Hartford, CT
Thanks for the info on how this is happening.
I'm going to explore the Yahoo Messenger angle as well [anyone know if MSN Messenger would do the same for Hotmail, or AIM for AOL?], the next time I have to troubleshoot this issue.