@yahoo.com.au --- email address books hacked?

  • @yahoo.com.au --- email address books hacked?

    Hey all,
    I had a tonne of spam email this morning that was coming from real Coffee Snobs member names but fake email addresses and it was CC'd to real people in their address book.

    Guessing from the volume of different names, many thousands of Yahoo accounts were hacked or just their Yahoo address books were hacked.

    I suggest that if you use Yahoo.com.au change your password and/or contact Yahoo support for some answers.

  • #2
    Doesn't look like my account was used but I changed the password anyways.


    Java "Change!" phile
    Toys! I must have new toys!!!


    • #3
      Interesting... it was only "com.au" Yahoo accounts that I received spam from not dot com.


      • #4
        Could it be some form of brute force spamming where the SMTP address is spoofed and spam is sent to a range of usernames? Or were the SMTP email addresses used by CSers to sign up to Coffee Snobs?


        • #5
          Nah, neither of those.
          The email isn't coming from their yahoo accounts but is using their name.

          It's tricky to post here without disclosing real information but I'll try.

          Assume there is a CS'r called "John Smith" who uses an email account of johnsmith@yahoo.com.au

          I'm getting junk mail from an account: johnsmith@tninet.se (junk domain but the real yahoo username)

          And it was sent to the following people (me included)

          alanfrew; allan; Amber Kane; andy rumary; andy; ann porter; annemarigold; anthrox; HINDER Miriam John Curtin College of th; AskUs; ben; bethan richards; Leanda; boarding rabbitshop; brianandcarols; brihan; Penny; churchill labs; CLARKE Tenielle John Curtin College of th Arts; coffee

          Unfortunate for me that "andy" is so early in the alphabet!

          So it looks like a real contact list and all people that have had email from johnsmith@yahoo.com.au in the past and "might" click on the dodgy link included in the email that points to an OPEN.PHP webpage.

          We get tonnes of spam but this is different in that it's using real usernames and their real contact lists... not lists made-up from educated or blind guesses.

          So I have to assume that at least the Yahoo contact lists were hacked, if not their whole webmail accounts.

          We copped similar from hotmail a few years ago, those email addresses were brute forced and then all their contacts were emailed.

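The pattern described in post #5 (a known contact's username arriving from an unfamiliar domain, with a long visible recipient list) can be checked mechanically on inbound mail. This is an added example, not part of the thread; the address book, the sample message and the function names are constructed for illustration:

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed address book: addresses we have genuinely corresponded with.
KNOWN_CONTACTS = {"johnsmith@yahoo.com.au", "bethan@example.org"}

# Constructed sample modelled on the post: real username, junk domain,
# long visible recipient list, link to a placeholder host.
SAMPLE = """\
From: John Smith <johnsmith@tninet.se>
To: andy@example.com
Cc: alan@example.net, amber@example.net, ben@example.org, penny@example.org
Subject: hi

http://placeholder.invalid/open.php
"""

def split_addr(addr):
    """Split an address into (local part, domain), lower-cased."""
    local, _, domain = addr.strip().lower().rpartition("@")
    return local, domain

def check_message(raw, known_contacts, cc_threshold=4):
    """Return the reasons a message matches the spoofing pattern, if any."""
    msg = message_from_string(raw)
    _, sender = parseaddr(msg.get("From", ""))
    s_local, s_domain = split_addr(sender)
    reasons = []
    for contact in known_contacts:
        c_local, c_domain = split_addr(contact)
        # Same username as a known contact, but a different sending domain.
        if s_local and s_local == c_local and s_domain != c_domain:
            reasons.append(
                f"local part '{s_local}' matches {contact} but domain is {s_domain}")
    recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    # A long visible recipient list only counts once the sender looks spoofed.
    if reasons and len(recipients) >= cc_threshold:
        reasons.append(
            f"{len(recipients)} visible recipients, consistent with a harvested contact list")
    return reasons

if __name__ == "__main__":
    for reason in check_message(SAMPLE, KNOWN_CONTACTS):
        print("FLAG:", reason)
```

A message from the contact's real address returns no reasons, so the check only fires on the username-with-wrong-domain case.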


          • #6
            Andy, did the dodgy link purport to be to a document that came from a printer/scanner? Just asking as we had a bunch of stuff hit today of this nature.
