Yahoo a/c compromised - Cherbourg Scuttlebutt Cruise

S

Sailfree

Well-Known Member
Joined
18 Jan 2003
Messages
21,672
Location
Nazare Portugal
Visit site
Apologises for double posting but I have been contacted by both Giblets & Topcat47 that my yahoo e mail account has been compromised.

It is from this e mail account that I sent out the Cherbourg list.

Prior to being informed (having used my e mail account while on a cruise) I did a malware scan that found a Trojan that it deleted. I subsequently did an AVG scan that said all OK.

1 day later I repeated both scans and both say OK.

Pleased to receive any further computer advice but hopefully my computer is now clean but apologises to anyone receiving an e mail from me that is even more rubbish than usual!! I assume if they are post my computer scans its because of retained info by Trojan.
 
So...

1. You presumably have since changed your password on yahoo. You presumably changed it to something at least 8 characters, with symbols, numbers and upper and lower case letters.

2. You have presumably changed that password on any other site that used the same username/password combination. If not they will have it stored and will try it on sites left right and centre.
 
ShinyShoe said:
So...

1. You presumably have since changed your password on yahoo. You presumably changed it to something at least 8 characters, with symbols, numbers and upper and lower case letters.

2. You have presumably changed that password on any other site that used the same username/password combination. If not they will have it stored and will try it on sites left right and centre.
Click to expand...

Yep done that eg 1. I used a variation of the password for other sites but not the same one but will change them as I use them - Bit of a pain
 
"at least 8 characters, with symbols, numbers and upper and lower case letters."

I have read that if you put two or three words together [whataripoff], it is just as secure, since no amount of dictionary searching would find it out.

What does the team think?
 
No, very insecure. A computer can add words together very easily, and brute force crack that in no time.

A secure password uses non dictionary words, and the more random it is the better. Lots of symbols and numbers is best.

This is the sort of thing that makes a secure password.

h034e7u07£@)@H)@730823)@£%!&*

You don't have to remember it though, you can get a password manager to do it for you. Careful of the ones that store that info in the cloud, that can be hacked too.
 
As asked in the parallel lounge thread on this....Are the spam mails *actually* from your account or is the display name "Mr. Sailfree" (or whatever the OP's real name is) but the address it's actually from (the part between the angle brackets "<" and ">" in the FROM: field) is something different?

A short while ago I had a spate of mails which on first glance were from friends with yahoo accounts but on closer inspection were actually from accounts associated with the mail server they were actually sent from (which helped them get through spam filters). Somehow an address book was compromised (lots of apps trick you into uploading your contacts these days) but the actual mail accounts weren't, so changing password would be pointless.
 
Yahoo in my experience drive you nuts repeatedly asking for passwords/logins 'and often resulting in yet another reset. After a time it gewts tedious and I have oft times run out of new password ideas hence my last Apple one of Apple****ing suck5.:disgust:
 
Bad luck - hope the problems are now resolved

I am not a tech geek, but would not think a Trojan on the PC is anything related to somebody cracking your Yahoo password.

The most likely reasons for getting a Trojan are
- opening an attachment or link in an inbound email which invokes a nasty payload program
- downloading freeware software from the wrong site
- browsing the wrong websites, with weak browser security settings

Once on your PC they easily find your contacts - and can send emails automatically when you are logged in. They don't need the yahoo password. At least that is my understanding

Strong security software and paranoia about all email attachments and links will help - but here is always the risk that we get the spam UPS delivery email just coincidentally the one day we are overdue a UPS delivery (or similar)
 
My approach to infrequently used sites is to set them up with random passwords then forget the password and use the "reset password" button to get a new one next time I need to use that site. Any risks with this approach? So many sites insist that you create an account before they will sell you anything that the list of passwords soon gets unmanageable.
 
N
dunedin said:
Bad luck - hope the problems are now resolved

I am not a tech geek, but would not think a Trojan on the PC is anything related to somebody cracking your Yahoo password.

The most likely reasons for getting a Trojan are
- opening an attachment or link in an inbound email which invokes a nasty payload program
- downloading freeware software from the wrong site
- browsing the wrong websites, with weak browser security settings

Once on your PC they easily find your contacts - and can send emails automatically when you are logged in. They don't need the yahoo password. At least that is my understanding

Strong security software and paranoia about all email attachments and links will help - but here is always the risk that we get the spam UPS delivery email just coincidentally the one day we are overdue a UPS delivery (or similar)
Click to expand...

I have changed password.

Been advised its my name but not @ yahoo but another domain.

Unsure where Trojan appeared from as I have AVG and Virgin router often stop dangerous sites but have used computer on the public network of a P & O Cruise for last 24 days.

Thanks to everyone for their advice.
 
You must log in or register to reply here.

Share this page

Top