I've gotten a couple of spam emails from people in my email contacts list who have mail accounts @yahoo.com. One emailed me and confirmed that someone gained access to his account without his knowledge and sent out sketchy URLs.
Has anyone else noticed anything?
Typically, this problem occurs when someone clicks on a page or script. If they have their email open or connected to it all the time, then said script can access your contact list and send out an email via your email to all your contacts.
Or at least, that's how it was explained to me. I get random ones from @hotmail and @gmail accounts as well.
Yeah, I've gotten nothing in any of my inboxes and my Yahoo account shows nothing sent.
Ah, makes sense. That's called a cross site scripting (XSS) vulnerability, right?
LincolnB wrote:
Ah, makes sense. That's called a cross site scripting (XSS) vulnerability, right?
no, not really. it is more accurately a cross site request forgery.
It's also possible his password was hijacked by a keylogging malware installation. Has this been an ongoing problem?
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.
»
Go to Registration page
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
