Reports suggest malicious spam is still spreading across Yahoo email accounts despite efforts by the company to eradicate it. Criminals allegedly responsible have links to Russia and California.
According to Channel 4 News in the UK the criminal hacker behind this scam has been identified and the FBI is now investigating what looks like a global campaign, one that may have been going on for some time. The report suggests the perpetrator is Russian but using a server located in California. (Not so surprising since research by the APWG, Anti-Phishing Working Group, consistently finds more phishing sites hosted in America than any other country.)
So far this year, thousands of Yahoo users have been forced to change their passwords after finding accounts have been broken into from remote locations across the world. Users have said that friends and contacts reported getting bizarre emails which contained a single link. According to the Channel 4 story, this link led to a website, itself hacked, and opened a page promising a get-rich-quick scheme which asks for a credit card number.
However, there are differing accounts about the exact nature of the scam. Some reports claim the link downloads malware to the victim’s PC, that it spreads itself to some contacts in the user’s directory, or even that the account is completely taken over by the hackers and will only be unlocked if the victim pays a $100 ransom.
If you use Yahoo! Mail we recommend that you institute the “Second Sign-in Verification” process on your account. This uses one-time passcodes sent as SMS messages to your cellphone just like similar systems from Facebook, Google, and the two-step verification from Apple we discussed recently. The web page to begin the process is here: https://edit.yahoo.com/commchannel/sec_chal_manage. After you confirm your identity you will see something like this:
Here’s what will happen after you complete the process:
When you sign in [to Yahoo! Mail] with an unrecognized device or computer, you will have to answer a security question or enter a verification code that we’ll send to your mobile phone or non-Yahoo! alternate email address on file. This second sign-in verification will further protect your account from unauthorized access.
Definitely worth doing!
Author Rob Waugh, We Live Security