questionsdoes anyone else have their yahoo mail hacked all…


Remove the viruses and keyloggers from your PC would be my suggestion.

Yahoo mail has been my primary account since the late 90's and I've never been hacked.


@samstag: I don't have any viruses on my PC.


@xtreemsaver: So please explain exactly what you mean by "hacked." What is happening, what is the result?


Do you have a guessable password? Maybe a password you also use on other sites? Share wireless internet with neighbors or use free wireless in public places a lot?

If it's getting hacked on a monthly basis you've probably got a security hole somewhere on your end.


@magic cave: Someone gets into my emails and sends unwanted emails and ads to all my contacts. Its embarrassing and frustrating. I do change my password and maybe a month or two later it happens again.


@xtreemsaver: I'm with @samstag on this one. It's almost certain that the security problem is on your end. The reality is that you're just not important enough (none of us is) for someone to "hack" your account so they can use your email contacts. It's likely obtained by a data breach at some place you send mail. Change your password to something very secure. Don't store it anywhere. Change it weekly, even if all you do is add a different numeral to the front or back.

I've had one of my AOL user IDs "stolen" twice, access gained to that ID's address book, and spam sent out under that account. I understand exactly what you're going through. The solution for me -- that has worked for two years now -- was exactly what I suggested above. Change the password now, don't store it anywhere, and change it slightly every week or two.


That doesn't sound like a hack. It sounds like some kind of virus, malware, etc. on your computer that's doing it. If your antivirus is not turning up anything, try Spybot Search and Destroy.


@magic cave: Ill give your suggestions. Thanks.


There are MULTIPLE problems with Yahoo's email accounts. In the past two years, the uptick on compromised accounts is never-ending. They have a skeleton staff of people managing security (for everything, for all their properties, including poor Tumblr, now, I suppose). I happen to have a Yahoo account (no, not the obvious, but I have one), and I check it regularly. I think that yahoo has had compromises that have permitted large numbers of password files to be captured. What's happened then is that some of those accounts that were originally compromised seem never to escape the cycle.

In some cases, I've noted that the yahoo users had used their email on Facebook (and apparently used the same password for both), but that has been a problem of poor password management rather than an issue with FB. I've seen a couple of accounts that have been compromised 3 times. These are not kids, but not especially technical folks, either.



@magic cave: Ill give your suggestions a try. Thanks.


For people that are having this issue (of compromise, or worse, repeated compromise), consider making sure that you are logged out of your account, then using a friend's computer (hopefully trusted) to log in and change your password, and security questions, and WRITE THEM DOWN.

Then run the virus checkers or other items that folks here have suggested.

Please, choose a decent password. There's a hundred and one places out there that will give you good suggestions on good passwords. Good ones are at least 8 characters long, have mixed case letters, and non-alpha characters as well. Some places will not let you use certain characters (I'm looking at you, stupid bank sites), but the more complex your password is, the better.

WRITE IT DOWN. Yeah, I know I said that. I'll say it again. Please, write it down. I keep my passwords in a Safe Deposit box at the bank (along with other items).

Good luck. I'm sorry. Yahoo sucks. Have you thought about


Just as a final note, NO, my account has not been compromised. Then again, my passwords are not solvable in NP(Hard) time, so I am unconcerned. Yes, after I select a password for use, I *TEST it. I am that paranoid (and also knowledgeable).

Then again, I've been using PGP since 2.3a (oh, so long ago, when many of you here were not yet born), so I've always been this nuts.

It's not whether you're paranoid. It's whether you're paranoid enough.


I have noticed that for whatever reason, yahoo accounts seem to be the ones most often compromised by spammers. I'm not sure why it is that they seem to prefer to target them over the various other free email services but I get spam from my friends' compromised yahoo accounts on a regular basis.


@xtreemsaver: You say you don't have any virus do you know this?

If your answer is "I have Norton" or "I have McAfee"...those only provide the illusion of security. If you use either one of those, oh yes you most certainly do so have a virus. Possibly several. Run ComboFix and get rid of it/them.


My two bits is download and run the free version of malwarebytes. If you don't get any results try CCleaner and get rid of any accumulated garbage, but be careful it can remove things you want to keep and it affects the registry. If properly set CCleaner gets rid of all kinds unpleasant stuff


Does someone else have access to your computer, is it ever unattended when you are logged in . Yahoo mail could be compromised by someone else using your computer to play a game or any other activity that involves permission to make changes to your computer.


@mybestuser1: I second that - I use CCleaner and malwarebytes on a weekly basis. They are great. I have had a yahoo account for many years, never had any issues.


@xtreemsaver: Yahoo does offer 2 factor authentication. You set it up with your mobile phone number and when there's a suspicious log in attempt eg not from a computer you've authorized you will get a prompt after the password screen to enter the code texted to you this means the hackers would have to have your user name password and phone to send out their spam. Your password could literally be Password and no one would be able to access your account without your phone. (I still wouldn't advise using Password as your password) I would advise you to turn this on as well as follow @magic_cave's advice..

I'd also suggest last pass for a password manager/generator. The extension for chrome and presumably other browsers is amazing.

@shrdlu: I'm gonna tag you in this as well because you seem like you enjoy security. Hope you didn't already know about this.


@gideonfrost: I knew you could do this, yes. I saw the notification. I didn't really have much comment on it. I don't really think giving my phone number to Yahoo is good security, but yahoo isn't otherwise careful with my data, and that influences my opinion on this.

Besides, Gmail is always suggesting I should give them my phone number. Gosh, no thanks, google, not even just a google phone number, nope.

I like PayPal's two factor. I have a little key fob (it looks to be RSA on the inside), and it cost me $5. I need the pin from it to login to eBay or to use my PayPal account. I've used similar systems when I worked, and even though RSA had a bit of trouble a while back, it's still better than the alternatives.

The big problem with many yahoo accounts, initially, was that they lost a chunk of passwords, and someone (or multiple someones) solved many of them off line. Linked In had that happen, also, you may recall. Security is hard, but solvable. It just costs $$$, time, and staff.


I have had my hacked in the past, and recently thought it happened again, but further investigation showed no e-mails coming from my account. I was getting notices from about e-mails not being delivered due to an account being closed or non-existent. Turns out I had been getting "forged headers" whereby some scammers in Amsterdam inserted my e-mail address in their e-mail header to make it look like I sent the e-mail. Even Yahoo gets fooled as they send me a "non-deliverable" notice as noted above. Here's a link with more info:
Hope this helps!


Yahoo and security are two completely different things. Yahoo blows, but I can't give up my ten year account for nothing. Not even Ron Jeremy's magic pills!


Echoing what @jazzsinger said about Spybot S&D, but add Malwarebytes. One doesn't find everything, and the checks WAAAAY offset the time you'd spend fixing problems.
In addition, consider donating to Spybot, a quality project updated constantly due in part to those of us who do a little to support it.


@xtreemsaver: I would suggest following the steps on this page:

There is a virus which will send emails from your account. It will grab a group of your contacts, batch them up and send out spam emails. If the malware scan (Malwarebytes) identifies anything, post the log and I'll look at it for you. My educated guess is you're infected.

You may have to copy and paste my link.


@missellienc: All great information. Thanks everyone.


I've had it happen to me and multiple friends multiple times. Only Yahoo accounts, though. The last time somebody got into my Yahoo account, they used it to get into my Gmail account by means of password recovery, and then used my Gmail account to steal my Steam account with password recovery. They also tried to steal my minecraft account, but the whole google account was deleted for some reason around that time. It was a pain to get back, but I was very thankful that I was able to. I have my whole life on my Google account, pretty much. Luckily, they didn't steal anything more valuable and I was able to recover everything that was stolen.