You’ve Been Hacked: Has your Yahoo email account been compromised?

Sample suspicious link

Sample suspicious link

Since last Thursday, I’ve received about seven spam emails from friends with yahoo.com.sg accounts (one of these was a yahoo.com account).  Here’re some common characteristics of the spam mails:

a.  The emails have no subjects and contain a German link (in some cases, a “.de” link)

b.  The email accounts belong to Singaporeans or people based in Singapore.  When I contacted some of them – including my mother – to verify, they confirmed their accounts had been hacked.

I became worried – seven spam emails from known sources in the space of two days.  That’s a lot!  I posted updates on my personal and client’s Facebook account (okonekey) in an attempt to gather evidence of widespread hacking into Singaporeans’ Yahoo accounts.  True enough, many of my contacts reported either receiving or sending out spam mails.  Some of my client’s Facebook fans, normally quiet, also reported the same.

How many accounts have compromised in Singapore and why has Yahoo been so quiet on the matter?  At least send out an advisory educating on the importance of changing one’s passwords regularly and activating two-factor authentication / 2FA (also known as two-step verification in Yahoo’s lingo).

Yahoo’s silence is deafening.