For close to three weeks, Australians have been bombarded with spam coming from Yahoo Mail sender addresses. Our data, based on spam trends as Australia’s largest independent email security provider, estimates Yahoo spam averaging at 33% of all Australian spam during this period, with a peak of 40%.
The spike in spam is most likely related to a vulnerability on developer.yahoo.com which led to Yahoo email accounts being hacked. Yahoo quickly addressed the problem and encouraged users to change their passwords to a strong password and to enable the second login challenge in their account settings.
Compromised email accounts are being used to send “work from home” related spam to addresses in Australia. Whilst MailGuard is stopping spam from reaching Australian businesses, we’d encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click them. Messages may come from people you know and trust.
What to do if your Yahoo account gets hacked
If you suspect that your Yahoo account has been hacked or has been relaying spam, you should immediately change your password and review your account and security settings. Yahoo has an extensive help section that has more details about securing your account.
It’s good password security practice to not use the same password across a number of web applications. Nevertheless, if you use the same password across different platforms, make sure you change them and secure your other accounts.
Why do spammers favour free webmail services like Yahoo and Hotmail?
Not too long ago, we explained why spammers favour relaying spam through Hotmail and other free webmail services. Yahoo Mail is favoured for similar reasons.
It’s possible to relay large volumes of spam through Yahoo because it formats messages with appropriate headers and standards that make a message appear cleaner than it actually is. Another factor is the sheer scale of legitimate messages that Yahoo sends, filters cannot just blacklist their servers without leading to a large volume of false positives.
What’s more, Yahoo’s large, powerful network of servers allows spammers to send out tons of email in a very short space of time. If spammers messages are bypassing filters, Yahoo allows them to hammer away to get as many through as possible.
With over one hundred million users of the Yahoo Mail Service, chances are users may be more likely to trust messages from a known brand and be susceptible to spammers.
Want a solution?
You can protect your business today and remove 99.997% of spam with a 14 day free trial from MailGuard.