How email accounts get hacked

Posted by

On the evening of Monday 16th July 2012, I received an email in my Yahoo email account on my blackberry. It was from “Yahoo!”, and read as follows:

Picture1
The phishing email, allegedly from Yahoo!

Dear Customer,

We have discovered that your Yahoo mail account has been accessed on multiple computers and from different locations, We strongly suggest that you upgrade and secure your account immediately to avoid the suspension.

Please click on the link below to update and secure your account with our new security update.

https://mail.yahoo.com/secure=sign

Thank You.
Yahoo ©.

Now, I know that I’m guilty of ‘multiple logins’ into my internet accounts due to the large number of apps and devices I use for my internet browsing. Still, I was suspicious. As I was also browsing on my laptop at the time, I decided to check out the email on my laptop browser. I opened and read it again, and the suspicion grew. Why would Yahoo! send me this email, when I was already securely logged in via my blackberry?

I decided to follow that link, and it led me to a page that was ALMOST IDENTICAL to the regular Yahoo! Mail login page.

Picture2

Then I checked the address bar, and saw this address: “http://sharonha.com/modules/yahoo.com/

Picture3
The web address of the phishing site.

So my suspicions were well-founded! This was a phishing site, that would imitate legitimate email accounts to trick people into giving up their email account login details!!

I was able to discover this crooked attempt because I’m tech-savvy, and I’m very security conscious. But think of the huge number of regular email users who are not tech-savvy! As soon as they see the Yahoo! logo, they would simply put in their account login details. And once that is done, they may as well kiss their accounts goodbye.

When surfing the world wide web, please be very careful about where you login. There are many fake sites that imitate legitimate commercial sites (like facebook, Yahoo!, Gmail, Ebay, Paypal, etc) and trick people into giving up personal and financial login details.

4 comments

  1. I find that hovering over the supposed link in my email when on my laptop usually shows me the web address without me having to click. And to date I’ve never clicked on a link I didn’t know the source of.

    In your case, what came after “Thank You.” would have raised my suspicion.

    Recently, I logged into my Windows Live ID and received a message that my email address had been used for spamming and it wanted me to verify my details and change my password. That to me was a more sensible way to inform users that their account may have been hacked.

  2. Hello! I just wanted to ask if you ever have any problems with hackers? My last blog (wordpress) was hacked and I ended up losing many months of hard work due to no data backup. Do you have any methods to protect against hackers?

Have Your Say

Your email address will not be published. Required fields are marked *

Discussions are moderated for civility