Hum Posted March 30, 2013 Share Posted March 30, 2013 Got another bogus e-mail from yet another Neowin member. Besides that, I received this: Hi Shaikh, We detected a login attempt with valid password to your Yahoo! account from an unrecognized device on Sat, Mar 30, 2013 8:37 AM GMT. Location: Ivory Coast (IP=213.136.121.219) Note: The location is based on information from your Internet service or wireless carrier provider. Was this you? If so, you can disregard the rest of this email. If this wasn't you, please follow the links below to protect your Yahoo! account information from potential future account compromise: To learn how sign-in alerts like this one can help you to protect your account information, please visit the Help Center. Sincerely, Yahoo! Account Services And I was not on my computers at 4:37 a.m. :s Link to comment Share on other sites More sharing options...
Neo003 Posted March 30, 2013 Share Posted March 30, 2013 First thing is to go and change the yahoo password (min 10 letter &/or Digits). Jose_49 1 Share Link to comment Share on other sites More sharing options...
Nick H. Supervisor Posted March 30, 2013 Supervisor Share Posted March 30, 2013 Looks like a phishing attempt to me. Change your password and disregard the email. And (as if it needs saying) do not click the links in the email. If it was a PM on Neowin, let me know the username and I'll look in to it. Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 ^ I changed it a couple of months ago, to something stronger, after it seems that someone tried to use my account to sign up with Facebook. Whomever is in the Ivory Coast, failed to get on my mail account. I'm not blaming Neowin, it's just that 2 people I became friends with on Neowin, have 'accidentally' sent me dodgy e-mails. Odd coincidence ... Link to comment Share on other sites More sharing options...
Steven P. Administrators Posted March 30, 2013 Administrators Share Posted March 30, 2013 So how do you know it's a Neowin member, and if so who? PM this sort of thing to a moderator please if you are being harassed by a member. Reading the first post makes me think it's just some kind of spam email (which I also get and is usually filtered). That IP address isn't associated with any registered member here either. Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 Both times I got strange e-mails, they were from names I recognized from Neowin, and have/had on my Yahoo chat. I have messaged the one guy thru Yahoo, that he might be infected with something. I don't think it is intentional harassment, but their computers are zombies, bugged in some way to get their personal e-mail list. I guess I will just ignore future, one line e-mails. Link to comment Share on other sites More sharing options...
Detection Posted March 30, 2013 Share Posted March 30, 2013 If you hover over the link in the email, is it a genuine yahoo URL or some weird IP or phishing URL ? Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 ^ It shows up in my Inbox like this -- with the little purple Y symbol, so that warning is genuine from Yahoo ... Link to comment Share on other sites More sharing options...
Detection Posted March 30, 2013 Share Posted March 30, 2013 ^ It shows up in my Inbox like this -- with the little purple Y symbol, so that warning is genuine from Yahoo ... When you open the email, and it says "Click this link to bla bla bla" When you put your mouse over the link (Don't click) it should show which URL it will take you to at the bottom of the browser (Or wherever your navigation bar is set) Have a look at that URL to see if it is genuinely going to take you to Yahoo! or somewhere else Example when I hover over the forum link, it shows where it will take me at the bottom Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 ^ I'm not sure what you mean. There are 2 different things that happened today. One -- I got an apparent spam e-mail from a current Neowin member, thru Yahoo. Two, I get an alert from Yahoo, saying that someone in the Ivory Coast, Africa, tried to log-on to my mail account, early in the morning. I mentioned both events, in case that were somehow related. Hovering over the Yahoo alert shows this .... I don't question that e-mail is from Yahoo: Link to comment Share on other sites More sharing options...
Detection Posted March 30, 2013 Share Posted March 30, 2013 Which browser are you using? Im using Firefox, and when I hover my mouse over any link, at the very bottom of the browser, the address that the link would take me to if clicked, shows as a URL address That way you can see where the link will really take you, despite what it says on the clickable part Example, if I put this URL here https://www.neowin.net When you put your mouse over it, you will see at the bottom of the browser that it will not take you to neowin.net When you open and read the Yahoo email, they have a link for you to click to take you to your login / fix security issues (They say that here) If this wasn't you, please follow the links below to protect your Yahoo! account information from potential future account compromise: When you put your mouse over the links they give you, what do they really show as the URL ? You could also right click > copy link location > paste into notepad Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 ^ Yep -- says Google.com ... why send me to such a scarey site :p And the 'decrativevideos', thing, reads the same Link to comment Share on other sites More sharing options...
Detection Posted March 30, 2013 Share Posted March 30, 2013 ^ Yep -- says Google.com ... why send me to such a scarey site : P lol, yep, so if you do that with the links in the yahoo email that they give you to follow, where do they say they will take you ? And the 'decrativevideos', thing, reads the same Ah ok, so the Yahoo email has the "decrativevideos" link inside of it ? And a quick Google shows that yahoo-inc.com is definitely spam I get emails from people in my address book sometimes, I just email them directly and tell them to scan and change password Link to comment Share on other sites More sharing options...
xendrome Posted March 30, 2013 Share Posted March 30, 2013 So you're getting e-mails from other people you know on Neowin? They must have you in your address book and they are compromised, not you. If that is the case, stop opening those e-mails and clicking on the links, then notify the sender in a different method that they need to change their passwords. Link to comment Share on other sites More sharing options...
francescob Posted March 30, 2013 Share Posted March 30, 2013 Whomever is in the Ivory Coast, failed to get on my mail account. Didn't the yahoo warning say the opposite? We detected a login attempt with valid password to your Yahoo! account Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted March 30, 2013 MVC Share Posted March 30, 2013 Personally I wouldn't walk from yahoo mail but run. I'd move to gmail and turn on two-factor authentication. articuno1au 1 Share Link to comment Share on other sites More sharing options...
TAZMINATOR Posted March 30, 2013 Share Posted March 30, 2013 So how do you know it's a Neowin member, and if so who? PM this sort of thing to a moderator please if you are being harassed by a member. Reading the first post makes me think it's just some kind of spam email (which I also get and is usually filtered). That IP address isn't associated with any registered member here either. Yeah but don't forget that, if a member was here before with an old IP... and he/she might have moved or switched a provider and have a new IP that this user is no longer visiting Neowin anymore.. and he/she probably know Hum in the past ... unless someone got Hum's email address from Hum's friends or family's address book. Looks like a login attempt to me... I have that happen to me... someone got my email address and replaced the info... I couldn't get it back or password recovery. I am working on getting it back. Link to comment Share on other sites More sharing options...
TAZMINATOR Posted March 30, 2013 Share Posted March 30, 2013 ^ I'm not sure what you mean. There are 2 different things that happened today. One -- I got an apparent spam e-mail from a current Neowin member, thru Yahoo. Two, I get an alert from Yahoo, saying that someone in the Ivory Coast, Africa, tried to log-on to my mail account, early in the morning. I mentioned both events, in case that were somehow related. Hovering over the Yahoo alert shows this .... I don't question that e-mail is from Yahoo: Hum, The from email doesn't matter.... because spammer usually send email from anonymous email system which they use someone else's email address in "From" field. But, in the email header, it will show an IP that was sent from... You can't tell if it is a proxy or not. All you do is ignore those email from now on... unless if it is hate or harrass email all the time, report them to ISP, cops, and/or FBI. They will take care of it. If the email shows that they wants you to send money, then ignore them. Filter these. So you won't get these anymore. You can change the password every few months for protection unless you move on to email provider with 2-step vertification like Gmail. If you like Yahoo Mail layout, then you can use your gmail address on yahoo login page at yahoo mail. That way, you wouldn't worry about that crap anymore. Link to comment Share on other sites More sharing options...
Hum Posted March 30, 2013 Author Share Posted March 30, 2013 So you're getting e-mails from other people you know on Neowin? They must have you in your address book and they are compromised, not you. If that is the case, stop opening those e-mails and clicking on the links, then notify the sender in a different method that they need to change their passwords. I did send a msg to the guy I got an e-mail from, dated yesterday. The other person from a couple of months ago, I have no contact with. Didn't the yahoo warning say the opposite? Detection says this is not a real Yahoo message. And looking at the log-in pages, no one was able to log-on to my e-mail account. Link to comment Share on other sites More sharing options...
francescob Posted April 1, 2013 Share Posted April 1, 2013 Detection says this is not a real Yahoo message. And looking at the log-in pages, no one was able to log-on to my e-mail account. Then contact Yahoo support? I don't think it should show fake yahoo messages as legit with the yahoo icon like that. Link to comment Share on other sites More sharing options...
articuno1au Posted April 1, 2013 Share Posted April 1, 2013 It's possible someone has sufficiently spoofed the sender ID system on Yahoo.. It's worth noting Yahoo exposes client IP addresses in emails. I had a guy abusing me via email on my service. In the header it showed the originating IP and I tracked the guy down and suspended his accounts. I wouldn't touch Yahoo mail for all the money in the world. I'm all in favour of moving to Gmail/Outlook if you get a chance >.> </unsolicited advice> Link to comment Share on other sites More sharing options...
Growled Member Posted April 2, 2013 Member Share Posted April 2, 2013 I wonder if someone isn't messing with you. Link to comment Share on other sites More sharing options...
Hum Posted April 2, 2013 Author Share Posted April 2, 2013 ^ Could be -- those Canadian guys are strange. Link to comment Share on other sites More sharing options...
Growled Member Posted April 3, 2013 Member Share Posted April 3, 2013 ^ Everyone seems a bit strange these days, to be honest. Link to comment Share on other sites More sharing options...
Recommended Posts