Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Email account hacked?

Poncho

Poncho

macrumors 6502
Original poster
Jun 15, 2007
470
184
Holland
All entries in my yahoo mail address book have received bogus emails from me but the address of the emails only begins with my name and ends with some strange domain name like bookstore.com.

I have two-factor authentication for my yahoo account, there are no sent emails in my account when looked at online that I did not send and no sign-ins on days and/or times that i did not sign in.

How can this be possible? Basically, how can someone get my yahoo mail address book?

Looking at the email headers the emails have been sent from an ISP in Canada. I live in the Netherlands.

It has been going on for weeks.

Any clues, solutions very welcome.
 
My recommendation is to ditch Yahoo, sorry to offer to you. I used Yahoo about 10 years ago and all of my contacts were spammed. About 5 years ago, I gave them another shot and the same thing happened. I also had another, unused, account that I used just to store contacts and then they were spammed.

I get some spam from a friend every couple of days who refuses to quit using Yahoo as an email provider. I've asked her to remove my contact information from her Yahoo contacts - it's my iCloud account tied to my App Store accounts (my fault there), but she just won't do that for me.

There's a long history of Yahoo being compromised in this fashion - just look up "Yahoo contacts hacked" and you'll find a lot of feedback, sorry to report. There's no "fix", except to move to another email provider. I'm done with them, and I'd recommend that you consider abandoning them as well. I've had no issues with Office 365, Google Apps, Gmail, Outlook.com, or iCloud in this regard - but I'm 0-for-3 with Yahoo.
 
Thanks campyguy. I'd love to know how this is actually achieved though, as I have two-factor authentication etc. It shouldn't be possible, surely.
 
FWIW, I never figured it out but read dozens of similar reports. The latest account I alluded to in my OP - I never used that account except as a "repository" for my contacts and other Yahoo services. One day, I got an email from one of my contacts - a client, which was embarrassing to say the least. By the end of the day, I'd received about 20 other emails or calls and then I'd figured it out as some of them were only in that Yahoo account or on a hard drive (a backup). Two of my friends have gone through the same experience, but they love Yahoo.

I've had this link bookmarked for over 10 years: https://help.yahoo.com/kb/SLN3417.html - it's a backdoor issue they've never seemed to have solved IMHO! Cheers!
 
Thanks Ocab, but I already have two=step verification enabled.

Fine photos by the way
 
Poncho said:
Thanks Ocab, but I already have two=step verification enabled.
Click to expand...

My oversight.

Did you ever get a copy of the email headers of the emails supposedly sent from you to your contacts? That would give you a better indication of where the email came from, and if it actually did come from Yahoo's servers or if they were forged.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back