Yahoo users: Like Sarah Palin, you may be vulnerable to an e-mail hack

Out-thinking the hackers

My sister always gives false/wrong answers to the security questions. That seems like a good idea now. (I don't know if I could keep that straight, though.)

Yahoo break-in

I'm wondering who else's Yahoo email account was broken into at the same time as Sarah P's. Mine was, but I haven't seen any comment of this type from anyone.

Junk advertising was sent from my account to everyone in my address book. Later the system somehow deleted the address book. A day or two later junk mails were sent from my account to people who were NOT in my address book. All had yahoo email addresses, although from the returned mail I got, a lot of them didn't even really exist.

Wrong info in article

"If your Yahoo ID is different from your Yahoo e-mail user name, you should be reasonably safe from this kind of attack. So, if your Yahoo ID is sharonmachlis (mine's not), my Yahoo e-mail account should not be sharonmachlis@yahoo.com (it isn't). It should be something else at yahoo.com."

This isn't correct. If you enter an alais for the account (such as the emailname@yahoo.com), it will simply request additional information about you (DOB, Country, ZIP). That's not too hard to find. The only way to protect yourself from this attack is to lie about the answers you use when signing up. Unfortunately, I don't believe it's possible to change any of this info, once you've established an account.

Timely Topic -- oops

I know my (free) AIM Screen Name and alternate email address associated with it. But I forgot the password and my security answer. My security answer may be totally unrelated to the question as a poster above advised, but is not the same I use everywhere because that could be a weakness.

I'm still able to use it because it is saved in iChat at work. This is the only way I use this account (if it can be used other ways, such as email).

I wanted to use it in iChat at home, but since I forgot the password, I couldn't login.

AOL, the masters of Mail SPAM (remember the CD coasters), apparently has done an excellent job in avoiding receipt of Email. Just try to find an email contact that might help you. Especially if you are using the FREE account.

So basically I got locked out for 24 hours trying to guess my password.

AIM_Products@message.aim.com enjoys sending me email, but I cannot find a helpful contact.

So, is there a way to reset this password under these conditions? Or should I throw it away and start again (I guess like I originally intended or I'd be using a pay service)?

Thats why you never use real

Thats why you never use real answers for the security question.

Example:

What year did you graduate college? Don't put the real year - use some other significant year like Birth Year or Anniversary Year and so on...

Or What's your mother's maiden name? Don't put the real answer - put city you were born.....you get the idea - the answer doesn't have to be true.

I've started using fake answers on Security Answers years ago - in fact I use same answer no matter what the security question seems to be. That way its easy for me to track.

Mrs. Machlis, I thought this was where you were going with this.. how to better secure your security questions.... instead of becareful what you send or recieve, Big Hacker is watching.