[sharky]

I went to my Yahoo email account today, first time in about 3 days.

First i notice after signing in, i notice i have the new Yahoo email website design [actually not too new] Not too big a deal
But then i notice i had about 30 INBOX emails saying ' MAILER-DAEMON@yahoo.com", all received within 2 minutes.of each other. Some of the email addresses on them ii recognized others were politician names.

The emails had no messages, but had 3 paragraphs of this:
...LFD5M3UdA0rOmga8AIzQMjoMwRjen95a0sVVM_tXraHqlGwWYyLgJUEkuzvz
5iXojx9HX24jRlupMk.pScoXK1FPXND5KlCtujS1.3RsWaoMGXOoJu5SGtEh
QBN45ta00nKxNAGQ_.a_fqK8jnHT0lGEWNowBIu8....

I changed the password, but now i notice another email account has absolutely no ties to my first email account, has one funny email.

[Phantom010]

Could be email spoofing.

[lunarlander]

I wouldn't worry too much about them. Maybe it is spam in some other language. Just don't open any attachments.

[sharky]

"Yahoo! Account Security has identified a possible risk to your account."

Something went on. I just got this message when i logged in today.

[Elvandil]

What did it tell you?

The mailer daemon returns are often not real. They use that method to get SPAM to you since they are rarely filtered out by SPAM filters.

[orion5893]

Were there any messages in your Sent folder? But yeah it's probably just spam and if it's not then it's good that you changed your password.

[sharky]

re:nothing unusual in the 'sent box''

I am not overly concerned,there is nothing of monetary value in my email account.
Many of the false email returns have politician names as addresses.Some police officers addresses. Some email addresses i have sent emails to in the past.

I am guessing it may have something to do with this:
http://www.infosecurity-magazine.com...rd-data-breach


-------------------------------------------------------------------------------------------------------------------
MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread Internet Mail Delivery Delivery Status Notification (Failure) - [AKO Content Violation - SPAM] Fri, 8/3/12 6KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 8KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 8KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 8KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB
Unread [email]MAILER-DAEMON@yahoo.com[/[ No Subject ] Fri, 8/3/12 7KB
Read MAILER-DAEMON@yahoo.com Failure Notice Fri, 8/3/12 7KB

[Squashman]

I think this is another Yahoo email hack.

My wife just told me she got an email from my yahoo account.

I logged into my yahoo account and sure enough, there was a notification from Yahoo saying my account was accessed from computers it did not recognize. I checked my account login activity and sure enough my account had been logged into a few hours ago from an IP in Poland. I had several emails in my sent box with all kinds of spam websites in the body of the emails.

What I don't get is I just changed my yahoo password last month when Yahoo confirmed they had 400,000 accounts compromised and I don't even use that Yahoo Voice service. I changed my password to a pretty strong 14 character password with special characters, letters and numbers. This tells me that Yahoo was breached again.

[Phantom010]

It's not easy to crack a webmail account password. I'd bet on email spoofing instead. That's very common these days. It's mostly caused by careless contacts.

I use webmail mostly for registrations or unimportant things. Nothing personal or sensitive. Some accounts have had the same stupid short easy to remember passwords for years, and I've never ever been hacked in any way. I don't even receive spam.

[Squashman]

Yahoo keeps track of your Logins. And it even gives you a notification if it feels you logged in from a computer it does not recognize. And considering I had a dozen emails in my sent box and at 5:11 pm yesterday and I had a login to my account from an IP address in Poland, it is pretty much a guarantee it wasn't spoofing!

I agree with you that it is not easy to brute force a complex password but when Yahoo keeps passwords in CLEAR text on some of their systems and that system is hacked you are pretty much you know what! SCREWED!

[Phantom010]

Quote:

Originally Posted by Squashman

And considering I had a dozen emails in my sent box and at 5:11 pm yesterday and I had a login to my account from an IP address in Poland, it is pretty much a guarantee it wasn't spoofing!

Yeah, I agree. It does seem unlikely.

However, cracking a password is a lot of trouble just to send spam. I think spoofing is more common.

[Squashman]

I sent an email to Yahoo Security and the ISP who owns the ip address of the offender. They had an abuse email listed in their Whois Lookup.

[Phantom010]

If you change your password again, and still find those questionable logins, I'd have a talk with Yahoo... Or, I'd scan my computer for malware...

[Phantom010]

Quote:

Originally Posted by Squashman

I sent an email to Yahoo Security and the ISP who owns the ip address of the offender. They had an abuse email listed in their Whois Lookup.

However, spam will almost always come from blacklisted IP ranges.