At this point, Yahoo has fallen down on security in so many ways I have to recommend that if you have an active Yahoo email account, either direct with Yahoo of via a partner like AT&T, get rid of it.
And in case you have employees who check their Yahoo account on lunch breaks… it’s time to put Yahoo on the block list of your firewall and all filtering software & devices.
Hints And Tips For Yahoo Account Owners
- Before you delete the account, get rid of all the folders and only then delete the account and open a gmail account instead.
- Check if you have used your Yahoo password in other sites, and change the password and security questions for those accounts. And remember, never reuse your email password (or any other password tied to an account that holds sensitive data about you) at any other site.
- If you used a mobile phone number in association with your Yahoo account, and you still use that mobile phone number, then SMS phishing (a.k.a. Smishing) is now a distinct possibility, so be very wary of smishes.
The forensic investigation is still going on, but it is highly likely that the bad guys initially got in through a spear phishing attack with a spoofed ‘From’ address. These types of attacks are hard to spot and employees tend to fall for them.
Can Your Domain Be Spoofed?
Can hackers spoof an email address of your own domain and get away with millions??
Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit “CEO Fraud”, penetrating your network is like taking candy from a baby.
Would you like to know if hackers can spoof your domain? Cino can help you find out if this is the case with our free Domain Spoof Test. It’s quick, easy, and often a shocking discovery.