Y Is For Yahoo’s Password Breach

Several days ago, a Network Box USA customer received an email from a Yahoo account belonging to one of his colleagues.  As the email was obviously spam, the customer was (understandably) concerned and quickly got in touch with me, asking me to find out what was going on.

An analysis of the email headers revealed that it had originated from Vietnam.  Hence, my initial comment to him was, “unless your colleague is, right this very moment, in Vietnam, someone stole his account and is using it to send out spam”.

I know now that I was on the right track – that email address must have been one of those stolen in this latest attack against online email services.  And, in fact, we’d just witnessed another one, barely a month ago, unleashed upon Hotmail accounts.

The appeal of such accounts is twofold – firstly, many people maintain their contacts online, so once a hacker gets a hold of their password, he can harvest new email addresses to which to send spam and viruses, smug in the knowledge that these are actual email addresses, so the emails _will_ reach their targets.

Secondly, the account itself can be set up to send out a bit of spam before Yahoo, or whichever other service was compromised, finds out and blocks it.  It’s a free ride requiring minimal effort and barely any resources to speak of, and it is (almost) impossible to trace – I mean, seriously, unless the customer is prepared to board a plane to South East Asia, who will ever trace and determine the real sender, from Vietnam, who distributed the spam to which I referred earlier?