How do you get a stolen Yahoo account back?
August 12, 2005 2:43 AM

How embarrassing - I actually got password spoofed and my account stolen. How can I get my Yahoo account back?

Has anyone who lost a Yahoo account to a spoofer managed to get it back? How? How long did it take?
I have filled out the form here, and gave details of the (yahoo geocities) site housing the spoof, and asked that the email address change be undone, and the password reset. That was Monday. It's Friday now, and the spoof site has been deleted, and I have received a "Support Satisfaction Survey" which I suspect might mean that the case has been closed, but I don't have the account back.
What is the next step to take?

(Please don't suggest getting a new account or dropping this, the question is how do I get the stolen account back.)

(I noticed that when I was emailed a receipt-confirmation copy of the information I submitted via the form, some extra information was attached to the form, like browser type, etc. Included in that was the fact that I was logged into the account that I was saying was stolen (Yahoo has a two-layer cookie security system, and I was still logged in when I filled out the form, even though I couldn't make changes to recover my account). I assumed this would demonstrate I wasn't trying to fraudulently claim an account that wasn't mine, but I wonder if it was interpreted as suggesting the account was still in my control and nothing needed doing?)

Does anyone know Yahoo's policy for these cases?
I read elsewhere that a subpoena might be necessary. Does that sound right, and if so, how would I get one of those?
posted by -harlequin- to Computers & Internet (15 answers total)
Are you saying your password was stolen? Then how are you logging in?

It happened to me a couple of years ago and took a few months before I was able to reach some human being on the other side and they reset the password. Initially I had gotten an email at my secondary email address saying my password has been changed. I had almost given up hope at that point. But eventually it worked out.

One of the problems also was I had used random info to fill into my profile which I did not remember afterwards of course. It is not an uncommon practice for fear of ID theft. I believe to recover your password etc. you need to verify some of these profile info. But then again if somebody steals your account they can very well change the info in your profile. Not sure why they did not change the secondary email address either. Maybe the intent was not as malicious as it could have been.

I am not sure I know about the two layer cookie system. Or are you saying they have two different authentication systems, which are not in sync?

posted by flyby22 at 7:13 AM on August 12, 2005

Response by poster: The two layer system is that you can be logged in, but if you want to change any details (like password or address), it will ask you for your password, even though you are logged in. So I was logged in, but couldn't undo the theft because I didn't have the password.
posted by -harlequin- at 7:18 AM on August 12, 2005

Now if you log out from the first layer can you log back in again? Now I remember, now that you mention, I was eventually prevented from logging in at all even though I was able to log in and check email initially.
posted by flyby22 at 7:20 AM on August 12, 2005

Response by poster: I'm still not explaining that very well, I can't log in anymore, but at the time the password and email address were changed, I was already logged in, so the cookie was already active in my browser, and as long as I had that cookie, I was logged in but couldn't change anything. Now that the cookie has expired, I can't even log in.
posted by -harlequin- at 7:24 AM on August 12, 2005

Oh OK.. I got it.. it was merely that you were on an already open or active session. Once that session expired you could not get back in.

Have you gotten any email from any of their "human" support folks? That is the hardest part with the free accounts, even though I am not sure it is any different for paid accounts.

I guess eventually somebody will very likely respond to your email. I am not sure how much of a legal help you can use for these free accounts. But if you do have important emails etc. in your account one option may be to consult the state AG's consumer affairs office and see if they have any advice. I have found them useful on a number of occasions.
posted by flyby22 at 7:33 AM on August 12, 2005

Since ID theft has become a more serious issue than a few years ago, I would imagine Yahoo probably pays more attention these days even though you have to wait a few days or a week.
posted by flyby22 at 7:40 AM on August 12, 2005

Not to be a cynic, but I know a number of people who have had their Yahoo accounts hijacked, and I know zero who have actually gotten a helpful response from support. I hope you're the first.
posted by Jairus at 7:42 AM on August 12, 2005

I have never dealt with Yahoo, but this has happened to me and a few people I know on Hotmail. It has always just been a case of emailing the help address then providing them with as much info as possible as to your details and what is in the emails in the account, and every time Hotmail have righted the problem.
posted by fire&wings at 7:53 AM on August 12, 2005

I don't know the solution to your problem but a friend had his Hotmail account spoofed and he fell for it. I asked him why anyone would want it and he said he didn't know. A few weeks later it hit him... it was attached to his eBay account and the person had been putting up fraud auctions. If I were you I'd check into any other sites where you used the address as an identifier.

(For the record, my friend had used his email in past auctions. He got spoofed. The spoofer sent an "I forgot my password to eBay." They got his eBay password, changed both passwords, and set up shop.)
posted by dobbs at 8:00 AM on August 12, 2005

Response by poster: Unfortunately, I don't use the account for email, and my website was deleted a while back. On the brighter side, I'm still getting the daily digests from some Yahoo Groups, suggesting my email address is still a secondary somewhere.

I would have assumed that account changes would be logged so that the old info was kept for a while for just this kind of situation, but it sounds like it might not be the case :-/
posted by -harlequin- at 8:02 AM on August 12, 2005

Response by poster: dobbs: I was wondering the same thing, then I discovered that Yahoo accounts can have credit card info and stuff in them (mine doesn't, nor do I use the email address for other sites). That's actually why I didn't notice the spoof until it was too late - it never occurred to me someone would want lousy Yahoo accounts, I didn't know they could contain credit card details :-/
posted by -harlequin- at 8:06 AM on August 12, 2005

Yeah, you may have saved emails with your purchase records from online stores etc., and sometimes they have details that you don't pay attention to. Yes you may also have credit card info saved in your account.

When mine was hijacked (I do not remember how, as I said it was a few years ago) mine was mainly used to participate in some lousy mailing lists.

If you do not have any immediate reason to get alarmed by the scenarios described above, I would wait and keep pinging the Yahoo support email addresses and eventually somebody will get back to you hopefully.
posted by flyby22 at 8:24 AM on August 12, 2005

Point of curiosity: how exactly are people using the word "spoofed" here? I'm familiar with it being used to say, spoof packets or spoof email messages (i.e., make the packets/emails appear that they are coming from someone else rather than their actual origin), but not in a sense of someone obtaining your password through phishing or other means. Is there a new exploit I'm unaware of, or has "spoof" become a more general term to refer to what happens when you get a spoofed email and give away your account password because of it?
posted by fishfucker at 9:15 AM on August 12, 2005

Have the questions been changed in the 'I forgot my password' retrieval page?
posted by jikel_morten at 10:33 AM on August 12, 2005

Response by poster: jikel_morten:
The primary email address has been changed, so regardless of the questions, any new password is sent to the thief.

Fishfucker: Yes, phishing is sometimes referred to as spoofing the login page. Perhaps incorrectly.
posted by -harlequin- at 5:01 PM on August 12, 2005
