Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Yahoo mail account password stolen by a scammer

  • 01-09-2008 10:38PM
    #1
    Closed Accounts Posts: 913 ✭✭✭


    Howdy,

    Today my friend had his yahoo mail account hacked.
    Someone changed the password, and emailed all his contacts
    stating he was in immediate help and please send 2500USD
    via western union to Africa.
    While we think/hope nobody did send the cash
    (the email stank of scam - bad spelling, punctuation..etc)
    we're more concerned with enabling the account again,
    and finding out how it was compromised in the first place.

    On the latter we have:

    1) His regular setup is a win vista laptop on a home wireless WEP connection.
    2) He has used his laptop sometimes in cafes on open wireless networks.
    3) 2/3 weeks ago he used a shared computer to login to his yahoo account.

    I think 3 is the most likely but why the time lapse?
    I guess vista is pretty resilient to spyware ?
    Since yahoo passwords are SSL encyrpted, I think 1 & 2 are unlikely candidates?

    Any ideas ?

    Oh, and just for a laugh here is the email:

    Date: Mon, 1 Sep 2008 11:55:44 -0700
    From: <my friends name>@yahoo.com
    Subject: An Emergency
    To: <my friends contacts>
    Hello,
    I am in a hurry writing this,I had a trip to COTONOU, Unfortunately for me all my money got stolen at the hotel where i lodged from the attack of some armed robbers and since then i have been without any money and i am even owing the hotel here,so the hotel telephone service is disconnected,so i have only access to emails,my mobile phone cant work here so i didn't bring it along, please can you lend me 2500USD so i can return back and settle the hotel bills,i would return it back to you as soon as i get home, I am so confused right now.You can have it sent through western union, My passport is with the Embassy here so i cant use my name to collect it now but if you want it sent on my name i will have to get my passport from the embassy, But you can have it sent directly to the western union Manager here and i would get it through her as she helps the people here in the hotel to receive there money,I have already spoken to her and i have also collect her full name and address where you can send the money today.and if you don't have up to that amount just get anything sent to me....please send the money through WESTERN UNION MONEY TRANSFER you can get a store close to you
    I'll look forward for the SENDER'S NAME AND AMOUNT SENT AND THE (MTCN) Money Transfer Control Number to relieve the money.i will really appreciate it if you can send some to me
    this are the details to send it to
    NAME: <My friends name>
    ADDRESS: 03 BP 0524 COTONOU
    DESTINATION: COTONOU BENIN REPUBLIC.
    TEXT QUESTION: WHAT IS MY NAME
    ANSWER: <my friends name>
    Thanks in anticipation...Hope to read soon
    BEST REGARDS.
    <my friends name>


    TIA
    HD

    PS: Anyone know someone in Cotonou, with a gun ?


Comments

  • Registered Users, Registered Users 2 Posts: 605 ✭✭✭PaddyTheNth


    On the 'how did it happen' side of things, is he sure that he didn't get a "You need to reauthenticate your login details" email which looked like it was coming from Yahoo staff?

    Not trying to be insulting, but its not uncommon at all, I know a few people who got stung by it on hotmail.

    One of my friends who lost a hotmail account they use for business had some success from contacting hotmail/ms directly. There was a customer service address which could be found after a bit of digging through the site.

    Customer service responded with questions about my friend's IP and asked for details of emails which would have been in the inbox or recently sent from the account.

    A second friend actually contacted the guards, who believe it or not sent it on to the online fraud dept. They sent an email back saying they were investigating etc etc but seeing as the perpetrator was probably in nigeria they obviously didn't get anywhere. However when friend 2 forwarded that email to the hotmail customer service rep he was dealing with he got instant success and had his account restored no questions asked.

    IMO if the security questions have been changed the only way to get the account back is by contacting them direct, unless you know someone with a 0-day exploit for yahoo mail.


  • Registered Users, Registered Users 2 Posts: 1,757 ✭✭✭Deliverance XXV


    Could just have been as simple as a keylogger. You might consider having a look at the sticky at the top of this forum, posting a log file and the guys here can tell you if your computer is infected.


  • Closed Accounts Posts: 913 ✭✭✭HarryD


    Thanks for the replies guys.

    I did a bit of scam baiting, and found that the person sending the emails was actually in Benin.
    I had a look through his hijack this log and it seemed to be clean.
    He was able to get his account re-enabled via yahoo customer service.
    We reckon it musta been the shared computer. Spyware or key logger.
    I don't understand why the delay..
    I must ask him about re-verifying his details previous to the incident.

    Cheers,
    HD


Advertisement