SPRINGFIELD, Mass. (WGGB) — Got an unusual email from a friend of yours that might have a Yahoo! account? Chances are their account may have been hacked.
As ABC40′s Stephanie Officer checked her email Friday night, she realized she got an email from herself that she didn’t send. It came from her Yahoo account, and at this point, she realized it was compromised.
The message she supposedly sent contained a link that if you clicked, could potentially be a virus.
It’s estimated that it’s already happened to millions of Yahoo account holders.
Tom Banerjee owns Control Alt Delete, a computer repair shop in Springfield, and says he notices one big difference in Yahoo versus other email service providers.
“I have the email in Gmail, Hotmail and Outlook to prevent that spam. In Yahoo, I have not seen that option. Meaning if you go to Yahoo and go to options, I don’t see the options I see on Google. You can create a spam folder where hundreds upon hundreds of email goes to the spam folder,” Banerjee said.
It appears that the Yahoo fiasco is the work of one person, Shahin Ramezany.
The brazen hacker has uploaded a YouTube video explaining how he did it, and is even tweeting his followers about the feat. According to Banerjee, that’s really all he’ll get out of the whole thing. “It’s just to waste our time, they don’t get money or anything from it. They’re an annoyance.”
Still, Banerjee says there are steps you can take to protect yourself. “There are a lot of password generators available it’s free. Norton has one, you should always download that and you can select how many characters you can assign for that, uppercase, lowercase, alpha numeric symbols. Every week it generates a new password and keeps it on your desktop,” he advised.
Ramezany says he’ll post every detail of what he did after Yahoo fixes the security loophole.
Yahoo has just released a statement regarding the matter:
“At Yahoo! we take security very seriously and invest heavily in measures to protect our users and their data. We were recently informed of an online video that demonstrated a vulnerability. We confirm that the vulnerability has been fixed. In addition, we are investigating recent reports of increased abusive traffic and will work diligently to fix any vulnerabilities that are found. Concerned users are encouraged to change their passwords to a safe password that combines letters, numbers, and symbols.”
In July, Yahoo was scrutinized for putting account holders at risk as a result of a file being stolen from their company’s servers.