Leave a comment

Close your Yahoo account now! Recent bug lets hackers read users' emails

Close your Yahoo account now! Recent bug lets hackers read users' emails

Do you still have a Yahoo Mail account? The tech company made its way onto the scene in 1994 and became a popular search engine and email service. However, it's had a very rough year.

First we learned of a massive data breach that could have impacted billions of users. Then we found out Yahoo was allegedly complying with a government security agency's request to spy on all incoming emails. Now, there is more troubling news coming out about the tech giant.

Security researcher Jouko Pynnonen recently discovered a severe security vulnerability with Yahoo Mail. The flaw would allow an attacker to access the victim's email account.

This was a cross-site scripting (XSS) attack, similar to the one discovered by Pynnonen around the same time last year. Watch this video to see a brief detail of last year's discovery:

Why this flaw is so alarming

What's terrifying about this is the victim wouldn't even need to click on a malicious link to be affected. You only had to view an email sent by the scammer for your Yahoo Mail account to be compromised.

Yahoo filters HTML messages, which is supposed to keep malicious code from making its way into a user's inbox. However, Pynnonen discovered a vulnerability that kept the filters from catching all malicious code. It had to do with different types of attachments that could be added to emails.

The good news is once Pynnonen reported the flaw, Yahoo fixed it. The tech giant also paid him $10,000 for discovering the vulnerability through its Bug Bounty Program.

Even though these flaws have been patched, it's been a rough stretch for Yahoo. If all of these problems worry you, you might want to close your Yahoo accounts. Here are instructions on how to do that:

How to close your Yahoo account:

  • Go to the "Terminating your Yahoo account" page.
  • Read the information under "Before continuing, please consider the following information."
  • Confirm your password - if you forgot your password, you can recover it with the Yahoo Sign-in Helper.
  • Click Terminate this Account.

Remember, if you do close your Yahoo account, you will not be able to use services associated with it. So if you decide to keep your account, at the very least make sure you have a strong password. Here are three proven formulas for creating hack-proof passwords.

You can also enable two-step verification, set up a Yahoo Account Key, or use a password manager. It's always better to be safe than sorry!

More news stories you can't miss:

How to get rid of spam in iCal and iCloud

Phishing scam spreading as fake package delivery notices

Browse less and watch more on Netflix - This new feature makes it easy

Next Story
Source: ZD Net
Phone numbers are changing in a big way
Previous Happening Now

Phone numbers are changing in a big way

This high-tech car will turn heads and break the mold in an unexpected way
Next Happening Now

This high-tech car will turn heads and break the mold in an unexpected way

View Comments ()