Despite its efforts to fix vulnerabilities, Yahoo’s Mail users continue reporting hacking incidents
Yahoo Mail users have been seeing their accounts broken into for months. While Yahoo says it has plugged at least two separate security holes leading to accounts getting hijacked, it appears the problem persists.
It’s unclear how long these attacks have been going on for, though we did first report Yahoo Mail users were seeing their accounts compromised back in early January. We’re now in March, and it appears that Yahoo still has a big problem on its hands.
Not only are we still getting reports from individual Yahoo users about their accounts getting hacked, but we are seeing spikes in traffic from Google to our previous stories. We believe these clicks represent a rise in users realizing their inboxes have been hijacked after hackers send out a bunch of emails from already compromised accounts.
Attacks typically consist of Yahoo users receiving an email from a friend or colleague (and sometimes a completely unknown party) containing a link that if clicked on, results in the account being hijacked. Some say their hijacked accounts send emails to select individuals, others report they get sent to all their contacts, and one even noted that they went out to “anyone I had ever received and/or sent a message to.”