Helping people with computers... one answer at a time.
So, I can't just call up Yahoo. But I will tell you what is the likely cause of all these breaches.
I've worked in computers since 1967 and all types on the PC since 1985. There's a problem out there and it is not being looked at. Yahoo mail is being hacked and Yahoo is not doing anything about it except blaming the user. My big mistake was when I paid for it and lost my email and Yahoo will not talk to me about it. I know a lot of people where their Yahoo email has been hacked and unless they have a keystroke virus, there is no way it's from their computer. If there was a keystroke virus, there would be other problems like credit cards and bank accounts. I see you have a number of followers.Maybe Yahoo would take a good look at the problem.
In this excerpt from Answercast #26, I look at the way that companies like Yahoo manage their servers and the role of the individual in keeping their accounts safe.
Unfortunately, you're not going to like my answer. I'm actually with Yahoo on this one and let me explain why that is.
I've been doing this for a really long time and in my experience, people are very, very quick to blame the service provider for various problems.
They will often claim that Hotmail must have been hacked because, "There's absolutely nothing I could possibly have done wrong that would have caused my password or my account to be hacked!" Where in fact, Hotmail was not hacked.
I'm going to claim that this same thing is going on here.
Even though you may not be able to think of exactly how your account could possibly have been hacked through anything other than something on the Yahoo side... the most likely scenario is:
That nothing is wrong on the Yahoo side.
That they are still doing everything properly
And that there has not been a breach or security issue at their side.
It's still more likely, much more likely, that individuals are getting their accounts hacked through individual means.
That can be any number of a series of things.
Of course, as you mentioned, it could be a keystroke logger. I don't think that having a keystroke logger would necessarily imply that there would be identity theft. It depends on what the hacker is attempting to cull from the keystroke logging.
Even without keystroke logging, I'm going to say that there are other approaches that could just as easily cause an account to be hacked:
Things like poor password choices.
Things like poor security question choices.
Things like using a laptop on an open Wi-Fi connection without using encryption (for example, at your local Starbucks.)
There are simply too many ways that individual accounts can get compromised.
Now, to be honest, and to be completely fair: there is too much that the average user needs to keep in mind for them not to be hacked.
It's hard. There are just so many things:
Maintaining a good password that you'll remember, but that won't be easily guessable, is not an easy thing to do.
Setting up proper security for your trip to Starbucks when you're going to use their free Wi-Fi; is an easy thing to overlook.
Setting up proper security account questions, secret questions, and so forth is a hard thing to do because it's often in an easy thing for others to guess.
You may know where I was born or you may know what I high school went to and thus what the mascot was. There are just many, many ways for individuals to get things just wrong enough for a hacker to sneak in and steal their account.
Not to mention things like falling for a phishing attempt, which is (at least on the Hotmail side) perhaps the single most common approach.
I have to side with Yahoo on this. There is very likely nothing at all going on that they can do anything about.
In general, the number of account hacks that I hear about every day (where people are coming to me) are accounts that have been hacked:
Not because there's been some massive breach at the other end.
Or because there's an issue at the other end.
It usually boils down to something that was overlooked by the end user.
I appreciate that you believe Yahoo would listen to me. I know for a fact that they don't.
There are just too many of us out here who would love to influence Yahoo, or Hotmail, or Gmail, in some way. We just don't have that kind of clout... but this is a case where I really don't have anything to take to them.
I really, honestly believe that the vast majority of hacks, I'll easily say 999 times out of 1000, is user error or user omission.
Next from Answercast 26 – When does installing a hard drive into an external enclosure make sense?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.