[SLK]

A very strange incident happened yesterday...
I received a mail from yahoo (on alt email id) that my account password has been changed and this is just a notification.

The first thing that came to my mind ... my account has been hacked!

And that was it... password changed ... secret question changed ... alternate email id changed...... wow... I am out of my own account.

Interestingly I was logged on to yahoo messenger all this time... so i tried to open my account through that as it logins using cookies.

All I could get in my account was my address book. I deleted all contacts.

That's it .. finally logged out of yahoo messenger.. never to be able to log in again.

On the other front I followed up with yahoo regarding this incident... and they asked me for some information I must have entered while making the account.
Ok, I did reply but I am not sure how much of it is correct as it was a 7 year old account.

Also, I mailed all my contacts not to interact through that account.

I got a reply from a colleague that his account was also hacked a couple of days back!

Now the real question is where is the weakness!...
My password? .. 8 chars alpha numeric and one special char
My secret question? .. it was really not that simple + someone should have known my birth date.
Yahoo has a back door?

The IP address of the computer which changed my password is from Buenos Aires...

Beware people...

[princezahed]

well this has been happening to a lot of people nowadays and if a person is even slightly net savvy,he/she can get back their old account....How you ask....Well..very simple....when you get to the login screen,click on the " Forgot Password" link and there request for a new password...This new password will be sent to your alternate email which iam sure is something other than yahoo...u can safely enter this new password and reclaim your old account...

[SLK]

Quote:

Originally Posted by princezahed

This new password will be sent to your alternate email which iam sure is something other than yahoo...

My alternate email id was changed buddy.... as I did not receive any mail when I tried this 3 times within an hour of the hijack.

[condor]

This situation is tough. Yahoo limits itself to its standard procedures for account hijacking. If it was within India, you could have got help from the cyber crime branch police to try get back to your account by finding who did it.

For every one, as a precaution, pls know what questions and answers you have selected, and keep changing the passwords regularly. Many of us dont remember what details we have used, and often people have given junk data too.

[adya33]

This might explain things a bit
http://news.com.com/2061-10811_3-6106934.html

[aZa]

Never open unreliable attachments bud. thats the one and only golden rule.

[yeis]

SLK, if your alt-email was changed, on which id did you receive this notification email? Was the changed alt-email too belonged to you? I mean the alt-email too is yours?

[spadival]

Yeah.. my cousin's yahoo id was also hijacked.

Once I got one of those spoof emails from ebay which momentarily fooled me into entering my ebay id and password on a fake ebay website. I had the presence of mind to check back and change my password almost immediately !!

[revtech]

LOL i just made a Yahoo Id this morning.i wonder when im goin to be in trouble.


Rev

[Samurai]

I lost my hotmail account once. In the 90s they had this stupid rule that if you don't access it for 30 days, it is deactivated and later removed.

But those days their customer service was available. After some email back and forth I was able to establish it is my account, I had to describe the contents of the email folders and then I got it back. That was probably in 97 or 98.

[SLK]

Quote:

Originally Posted by yeis

SLK, if your alt-email was changed, on which id did you receive this notification email? Was the changed alt-email too belonged to you? I mean the alt-email too is yours?

.. Once the password was changed.. only then the person could enter my account and change the rest of the details.
That said.. he did not come to know of my existing password.... but just could reset it.

[SLK]

Ok, I got a reply from yahoo... stating that they can not help me unless all info provided by me is accurate.

I sent the following reply.... stressing that a hijack is undeniable.

Quote:

Hi,

As for the answer originally provided for my secret question you can try the answer: ________

Do you realize this account was setup 6-7 year back and it's not possible to recall all the perimeters I had input way back then?

In light of all the undeniable facts do you really fail to see that this is hijacking?

1) My previous password was "_________" and has been so for ages and I KNOW THAT.

2) I got a mail on my alternate email id... that id was changed.

3) Since I was still logged on to messenger I could delete all my contacts - SEE CONTACTS WOULD BE BLANK

4) The password change was made by an ip address in Buenos Aires .. and I am here in INDIA.. from day one till date.

5) I contacted you within 2 hours of the password change - WHY the hell would I do it otherwise?

6) I can tell you I am subscribed to yahoo's ______________ group from where I still continue to receive mails.

7) I got a mail on my alternate email id "_____________________" that my password was changed. - And you can sure as hell verify that this was the alternate email id before the hijack.

8) I can also tell you a lot about the mails in my account. During the 1.5 years it's mostly from ___________________ and some from _________________ all these should be in a separate forwards folder.


After all this if you are still not convinced that its my account then I can't help it either .. because you are using more primitive methods than Flintstones to verify my identity.

Some suggestion... there is something called system logs go check them.

* See what IP accesses it normally ...

* who changed password...

* the account was in use through the messenger using IP 61.16.208.9, when at the same time someone with IP 200.82.37.45 changes the password. DOES IT MAKE SENSE?

This is no joke; you should be concerned someone hacked an account with a fairly complex password.

Regards,
________

[prakash2757]

hey buddy..

Seems to be an issue of keylogger.. which might be installed in your system.

Here is the mail ID for yahoo password help

account-security-help@cc.yahoo-inc.com

Just mail to them with all details, this is an official ID. will give u fast response. Giving u from my personal collection. as its not available anywhere on yahoo site,

One more thing, buddy I have seen ur reply to yahoo, U may not like it, but be polite to them. they will do it fast. If u use "How the hell" & other words, forget of any help. I have observed this personally so giving u advice.

[SLK]

Hey thanks.. but this is the email id I am already interacting with. When i filled the online form I got a reply from this ID.

Keylogger is unlikely... though I am not a professional by any standards.. I am still more than comp savvy... i know the name of each any every process running here.

My concern is... could it be that I used this messenger GAIM and its bugged?

I have already sent the mail.... so can't help it now.
but... they are idiots anyways.

[sandeepmdas]

SLK, I am not trying to "downgrade" your skills. It is a 99%-chance-case that someone has hacked into your account.
Instead of looking at yahoo for answers I think you should take a look into your actions like:
- when was the last time you logged into your account?
- and from which PC?
- you did a simulataneous login (both YM and yahoo mail)?
- which browser you used?
Chances this could be a work of some little SW that logged your keystrokes straight to home- Argentina in this case. If this happens again, you need to format ur PC.
Before that, download and install some tool that can resolve all request/ response from/to your PC. Then launch your default browser and go to yahoo mail. type some crappy UID and password. look at the tool's log for any anomaly. Try with YM too.