In light of Yahoo’s recent announcement that every single email account that existed in 2013 was hacked in the previously announced breach — putting the number at 3 billion instead of 1 billion — you might be wondering what you need to do if you have a Yahoo account.
First, of course, you should change your account passwords and security questions and answers. You should also be extra cautious about any emails you get claiming to be from Yahoo.
Second, you should be on the lookout for phishing emails. How do you know an email purporting to be from Yahoo really is from Yahoo? Well, there are a few indicators:
Well, there are a few indicators:
“The email from Yahoo about this issue will display the Yahoo icon Purple Y icon when viewed through the Yahoo website or Yahoo Mail app,” according to a FAQ Yahoo posted on its site. “Importantly, the email does not ask you to click on any links or contain attachments and does not request your personal information. … Avoid clicking on links or downloading attachments from such suspicious emails.” And what if you happen to be one of the millions of people who use the same or similar passwords for multiple websites? You then need to change the passwords for those accounts.
“Once hackers have access to ID and password information for one system, they routinely try the same combination against multiple other platforms to see which ones work, an easily automated process,” according to this USA Today story.
If you’d like some tips on creating good passwords, along with intel on a site where you check to see how strong your password really is, check out our blog post here.
Third, in addition to changing passwords and security questions and answers, you can enable two-step authentication on your Yahoo account, which essentially means you’ll need to enter your password along with a code sent via text message or telephone call, the first time you sign into your account using a computer or device (or after you clear the cache in your browser). That means if you lose your cell phone, you’ll definitely need to sign into your account using a recognized device. Here are the steps to enable two-factor authentication for your Yahoo account.
- Sign in and go to your Account security page.
- Click the button to enable Two-step verification.
- Enter your cell phone number.
- Click Send SMS to receive a text message with a code or Call me if you’d rather get a phone call with the information.
- Type in the verification code and click Verify.
Learn more about Two-Factor Authentication and other sites where you should really enable this security feature to stay safe by visiting our blog post.
And if you’re thinking to yourself, is this really all necessary? How likely is it someone would want to get into my email account and what could they do if they did?
Hackers might want to take over your email account and email your contacts with malware-laden spam, or mine personal information from your account they could use to steal your identity.
Skeptical about how this could happen? Is your email address connected to your bank and credit card accounts? What if you used the same password for your email that you do for your bank accounts? You’d be surprised at how many folks use the same password for every account, despite repeated warnings. There’s an amazing amount of information stored in most people’s inboxes — invoices, scanned ID’s, insurance information, tax forms, travel itineraries, all things that could be used for identity theft. The fact remains, we’re living a big part of our lives through our email now.
Hackers could also use the information they find in your email — like which businesses and organizations you regularly communicate with — to construct highly targeted phishing campaigns where they try to steal even more information from you.
If your identity was stolen, who would you call? Did you know it can take up to 200 hours for identity theft victims to repair the damage?
LibertyID provides expert, full service, fully managed identity theft restoration to individuals, couples, extended families* and businesses. LibertyID has a 100% success rate in resolving all forms of identity fraud on behalf of our subscribers.
*Extended families – primary individual, their spouse/partner, both sets of parents (including those that have been deceased for up to a year), and all children under the age of 25
Are you covered for identity theft?