It’s been less than a week since I’ve upgraded to the new Yahoo! Beta Mail and now everyone in my address book has been sent a spam link – allegedly by me.
This of course is a major ball ache.
However, it looks like there’s nothing in my sent items to collaborate the story – so I wonder how anyone could hack in? What’s more is that I’m one of countless people this has happened to – so many of my friends have had plague this recently.
Thursday morning at 3:44am all my contacts have apparently received a link from me – no attachment or anything, just some junk to a viagra site or similar. In fact the link itself was different for different people. Thanks for my contacts they forwarded the email back and told me about the incident.
Even though the hackers did have access to my contact details, I found nothing in my “sent items” folder or in the trashcan which suggests this attack has happened remotely.
Remember these questions on Facebook that you can “import contacts” from your webmail accounts? This works via some API that lets third parties connect to your address books in Yahoo, Gmail, Hotmail and all the rest of them. I’m not sure how much access requesters get through this API. The actual message sending would have happened through a different server, not via Yahoo.
So I went and changed my password immediately – from something classed as “strong” to something even stronger – I hope I’ll be able to remember next week.
What plagues my thoughts now is: how did this happen?
Somebody must have quite clearly gained access to my password. Or to my computer while I was logged in to my Yahoo mail. Either way that’s a frightening thought. Have I got a virus on my system? And if so which system? At this point – I started reading about all kinds of antivirus software reviewed to find out if I’ve been hacked and if I need something to clean it up.
Have my communications to a WiFi hotspot been intercepted? Has my home broadband been compromised? If my email has been compromised, will any of my other online service be next? Facebook, Twitter or one of my gazillion websites?
I keep thinking that maybe it’s becasue I’ve changed to Yahoo! Beta (after changing to the “all new Yahoo” only a couple of years ago) – but is that realistic?
My friend Andy Toms had the same trouble with Gmail recently – so it’s not a Yahoo specific problem. He too apparently sent a spam link to everyone in his contact book. And my good friend Dave Lee sent one that “his family was held at gunpoint and would we all please send money via Western Union”.
Julia had some trouble a few years ago: she used the same password for her email that she used for her eBay account. Somehow hackers got in, blocked incoming mails from eBay, then setup some elaborate selling scheme of rancid fitness DVDs. When eBay tried to contact her she never found out – only months later did she find out that her account had been suspended. You feel like a rape victim AND a criminal at the same time when these things happen.
So what are we going to do now?
Panic, run around madly and cancel all Internet communications? Live the luddite life under a rock in Faraway? Never send another tweet or touch that email account again? Or shall we just change our passwords and sleep well tonight, knowing we’re not alone with this problem?
Or shall we be jelous that all our address book contacts will be getting the best priced Viagra in the world for the rest of their lives?
Food for thought. Discuss!
Oh, and change your email password just in case…