Join 3,363 readers in helping fund MetaFilter (Hide)


How can something send mail without logging in?
March 21, 2012 8:52 PM   Subscribe

How did my Yahoo mail get hacked to send spam without showing any login in recent history?

Tonight I saw a spam/virus message apparently from my dormant Yahoo mail account show up in a low traffic mailing list I am on.

I immediately logged in to Yahoo mail and was presented with the page that says my account has been dormant too long and I needed to answer some questions to turn it back on.

I then changed my password to something very tough to guess.

When I checked my sent mail I see ONLY one message was sent and that was the one to the mailing list. In my inbox there were some bounce messages to some random addressees.

When I checked the recent activity page I only see some log ins for my flickr account from a week ago and then my NEW activity since I decided to log in to see what was going on.

No activity was logged from earlier when the mail was sent (even though there is a out going message in my sent mail)

How do you think this happened?

Does Yahoo allow people in past the "your account has been dormant too long" without clearing that message the next time you come in?

Does Yahoo not log activity in that case?
posted by bottlebrushtree to Computers & Internet (7 answers total) 1 user marked this as a favorite
 
Spoofed email address. They did not actually get sent from your Yahoo account. SMTP will allow you to send with a return address you have no actual access to.
posted by FAMOUS MONSTER at 9:48 PM on March 21, 2012 [2 favorites]


This is called a Joe Job.
posted by aubilenon at 10:09 PM on March 21, 2012


I'm pretty sure it was not a spoofed email address or Joe Job since there is actually a email in the "sent email" of Yahoo.
posted by bottlebrushtree at 11:10 PM on March 21, 2012


I missed that detail. It might be possible that SMTP messages sent via Yahoo! don't show up as "recent activity" but they would still need your password to send them. But now I'm just guessing.
posted by aubilenon at 11:39 PM on March 21, 2012


Is your new password long enough to resist brute force as well as tough to guess, and are you using it only for your Yahoo account?
posted by flabdablet at 1:37 AM on March 22, 2012


Have you logged in recently from a mobile device? I did that recently for a fake account I have set up for signups and a day later I noticed it had been accessed from an IP in Spain. In my sent box there was a bunch of spam sent out and I had a bunch of bounced emails coming back in.
posted by chillmost at 1:53 AM on March 22, 2012


Seconding SMTP exploiting a hacked password. Changing your password will have helped.
posted by epo at 2:38 AM on March 22, 2012 [1 favorite]


« Older Is there a way to find out whi...   |  Should I get fillings of tooth... Newer »
This thread is closed to new comments.