Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

5 things you should do following the Yahoo breach

Lucian Constantin | Dec. 16, 2016
The massive data breach can be an opportunity to do some cleanup and implement security recommendations

Internet giant Yahoo announced a massive data breach Wednesday that affected over one billion accounts, making it by far the largest data breach in history. This follows the disclosure in September of a different breach that affected more than 500 million of the company's customers.

What stands out with this new security compromise is that it occurred over three years ago, in August 2013, and that hackers walked away with password hashes that can be easily cracked.

If you're a Yahoo user you should consider your password compromised and should take all the necessary steps to secure your account. You should follow all of Yahoo's recommendations, but here are a few more that you should have in mind:

1. Don't save emails you don't need

Because space is no longer a problem with most email services, users tend to never delete emails. While that's extremely convenient, it's not a very good idea, because it allows hackers to easily discover what other online accounts are tied to that address by searching for sign-up or notification emails from various online service providers.

Aside from exposing the link between your email address and accounts on other websites, sign-up and notification emails can also expose specific account names that you've chosen and are different from the email address.

You might want to consider cleaning your mailbox of welcome emails, password reset notifications and other such communications. Sure, there might be other ways for hackers to find out if you have an account on a certain website, or even a number of websites, but why make it easier for them to compile a full list?

2. Check your email forwarding and reply-to settings

Email forwarding is one of those "set it and forget it" features. The option is buried somewhere in the email account settings and if it's turned on there's little to no indication that it's active.

Hackers know this. They only need to gain access to your email account once, set up a rule to receive copies of all your emails and never log back in again. This also prevents the service from sending you notifications about repeated suspicious log-ins from unrecognized devices or IP addresses.

Another technique that attackers might use to get a copy of your emails is to change the reply-to address in your email settings, although this is noisier and can be spotted more easily than a forwarding rule.

The reply-to field is included in every email message that you send and allows the recipient's email client to automatically populate the To field with an address you chose when they hit reply. If a hacker changes the reply-to value with an address that he controls, he will receive all email replies intended for you and these typically include the original emails that you sent.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.