[Boatanchors] Yahoo Email Problems

Glen Zook gzook at yahoo.com
Thu Jan 31 15:36:10 EST 2013

If one un-checks the "box" that tells Yahoo to keep the account "logged in", then one does not get the cookie.  I use Yahoo for things like E-Mail reflectors for a number of reasons including keeping SPAM away from my primary E-Mail accounts.  However, I never check the box which allows a cookie to be implemented.
Glen, K9STH

Website:  http://k9sth.com

 From: J. Forster <jfor at quikus.com>
To: ArmyRadios at yahoogroups.com 
Cc: boatanchors at mailman.QTH.net; VMARS at yahoogroups.com; ARC5 at mailman.QTH.net; Rebecca-Eureka at yahoogroups.com; Milsurplus at mailman.QTH.net; boatanchors at puck.nether.net; Vintage-Military-RADAR at yahoogroups.com 
Sent: Thursday, January 31, 2013 1:08 PM
Subject: [Boatanchors] Yahoo Email Problems
In addition to the PW theft I posted about yeszterday, there seems to be
another issue with Yahoo webmail accounts. It works like this:

Yahoo user logs into their webmail account. Yahoo sets a Cookie, allowing
user to return to that account without another login.

User is done with email, and goes off to surf or clicks some link, and
winds up at a malicious site. That site downloads the Yahoo-set Cookie.

User goes off and does other things.

Malware site uses the Yahoo Cookie to log into the user's account and
Yahoo grants full access- the malicious user has the correct cookie after
all. Once in, the malware can spam email the user's entire Address Book,
read the user's email, or anything else. The malicious uswer has full



The solution to this attack is to not click any links or go surfing
anywhere, while logged into your Yahoo account. I( know it's a PITA, but
blame the hackers and spammers.

More information about the Boatanchors mailing list