[kwlug-disc] OT: Hotmail/Yahoo account breakins
paul_nijjar at yahoo.ca
Sat Feb 16 12:20:04 EST 2013
On Fri, Feb 15, 2013 at 07:38:01PM -0500, Khalid Baheyeldin wrote:
> On Fri, Feb 15, 2013 at 12:53 AM, unsolicited <unsolicited at swiz.ca> wrote:
> >> In theory, yes.
> >> But not all services provide forwarding nor POP/IMAP (AFAIK, only Gmail
> >> allows it).
> > MANY do, including hotmail and yahoo. Live, gmail, rogers, the list goes
> > on.
> All of them have forwarding and POP/IMAP. But Gmail is the only one
> to have these features free of charge.
In my investigations, I found that yahoo.ca had POP servers available
for free but that yahoo.com did not.
In looking through this thread I am trying to figure out good advice
to give to (somewhat computer anxious) computer users. So far I have:
- Use NoScript (which I probably will not give as advice)
- Open links in separate browsers
- Be wary of weird links and attachments (and check that the URL does
not secretly point to a malware site)
- Change your password after an attack
- Don't stay logged into your email?
- Use plain text email to stop link spoofing
- Stop using email
I am still looking for confirmed stories about how these vectors
attack. We have lots of speculation (and it is telling that everybody
has different theories) but not much evidence.
More information about the kwlug-disc