Share with your network!
Yahoo Mail announced a security attack yesterday where they observed hackers had been logging into peoples' Yahoo email accounts using usernames and passwords that appeared to come from a third party who had access to this information.
A Yahoo news article said that "A malicious computer program armed with Yahoo Mail passwords and usernames apparently slipped into accounts aiming to glean names and addresses from messages that had been sent."
Once they noticed the attack, Yahoo quickly moved to reset the passwords of all the impacted accounts, which means that the affected users will have to use second sign-in verification to get access and re-secure their account. This involves either providing the answers to security questions or having Yahoo send a text message to your previously registered mobile phone number.
Often when an attacker gets hold of people's email account credentials, they use those credentials to login to the account and send spam. In this case, the attackers appear to have been after information about the people to whom the victims had recently sent email.
This raises the question, what was the attacker going to do with this information when they got it? One obvious use for this data is for targeted phishing and fraud attacks, either against the original victim whose email account was accessed, or against the people to whom the victim had recently sent email.
By knowing the names and addresses of both the sender and receiver of email, the attacker could craft fake emails that appear to come from someone the victim knows. The victim is therefore more likely to open the message, believe it and take the requested action.