YM hacker on the loose, i was a victim

[siacojin]

guys one way para makuha ng mga mandarambong na to ang mga yahoo account nyo is by sending you with this certain email or PM sa YM (gamit na nya is yung email/account na nahack nya which nandun kayo sa contacts) na may link at pinapacheck nya yung photo nya sa inyo. so since email yun ng friend nyo magtitiwala kayong ifollow yung link, this link will open just like the login site ng yahoo mail. so akala nyo within sa yahoo yung photo at need nyo talaga maglogin. enter nyo yung username nyo at yung password, akala nyo you are actually logging into your account which in fact with some server-side scripting na forward na sa hacker yung username and password nyo, after this you will be redirected to the real yahoo mail site which aakalain nyo na nagkamali lang kayo ng pagenter ng username or password at di kayo maghihinala. after makuha ng hacker yung username and password nyo maglalogin sya at babaguhin ang password at all info necessary para marecover nyo yung password nyo (secondary email, validation question, etc). in the end di na kayo makakalogin sa account nyo at sya na ang magoonline sa YM nyo at gagawin na nga nya ang MO na to.

FYI po. sana di kayo naguluhan sa explanation ko

here is a real working example, gumagana to mga bro HUWAG kayo maglalogin!!!

http://photos.gigacities.net/www.yahoo.com.html

take note of the link and wala yung security feature ng yahoo from phishing na authentication picture...

[awing]

thanks for the info. charge to experience na lang, dapat wag talaga magtiwala agad-agad. dapat tinawagan mo yung friend mo o kaya sya ang pinatawag mo para sana nalaman mo kung talagang sya ba yun o hindi. mahirap talaga magtiwala kung sa chat lang or sa email lang kayo naguusap lalo na at may pera na involved..

I dont have a contact number of that friend of mine since he is working from another country and we knew each other from our site lang. It is one of my weakness na madaling magtiwala.

[awing]

guys one way para makuha ng mga mandarambong na to ang mga yahoo account nyo is by sending you with this certain email or PM sa YM (gamit na nya is yung email/account na nahack nya which nandun kayo sa contacts) na may link at pinapacheck nya yung photo nya sa inyo. so since email yun ng friend nyo magtitiwala kayong ifollow yung link, this link will open just like the login site ng yahoo mail. so akala nyo within sa yahoo yung photo at need nyo talaga maglogin. enter nyo yung username nyo at yung password, akala nyo you are actually logging into your account which in fact with some server-side scripting na forward na sa hacker yung username and password nyo, after this you will be redirected to the real yahoo mail site which aakalain nyo na nagkamali lang kayo ng pagenter ng username or password at di kayo maghihinala. after makuha ng hacker yung username and password nyo maglalogin sya at babaguhin ang password at all info necessary para marecover nyo yung password nyo (secondary email, validation question, etc). in the end di na kayo makakalogin sa account nyo at sya na ang magoonline sa YM nyo at gagawin na nga nya ang MO na to.

FYI po. sana di kayo naguluhan sa explanation ko

here is a real working example, gumagana to mga bro HUWAG kayo maglalogin!!!

http://photos.gigacities.net/www.yahoo.com.html

take note of the link and wala yung security feature ng yahoo from phishing na authentication picture...

Exactly the same yung nangyari sa account ng friend ko.

[Type 100]

Marami nang nangyayaring ganyan. My classmates from college have had their YM accounts hacked into also.

Moral of the story is: change your passwords regularly. And make it VERY HARD to guess. Ideally, in your password, you should be using a combination of three of the four character types:

1) lowercase letters
2) uppercase letters
3) numbers
4) special characters

Data security is a big concern in my line of work, and applying some of those lessons (like the password-changing thing I've shared) is useful even in personal non-work situations.

[Syuryuken]

etong mga kostumer ko kumbinasyon ng alt+number, letter, number ang mga password nila

[CVT]

guys one way para makuha ng mga mandarambong na to ang mga yahoo account nyo is by sending you with this certain email or PM sa YM (gamit na nya is yung email/account na nahack nya which nandun kayo sa contacts) na may link at pinapacheck nya yung photo nya sa inyo. so since email yun ng friend nyo magtitiwala kayong ifollow yung link, this link will open just like the login site ng yahoo mail. so akala nyo within sa yahoo yung photo at need nyo talaga maglogin. enter nyo yung username nyo at yung password, akala nyo you are actually logging into your account which in fact with some server-side scripting na forward na sa hacker yung username and password nyo, after this you will be redirected to the real yahoo mail site which aakalain nyo na nagkamali lang kayo ng pagenter ng username or password at di kayo maghihinala. after makuha ng hacker yung username and password nyo maglalogin sya at babaguhin ang password at all info necessary para marecover nyo yung password nyo (secondary email, validation question, etc). in the end di na kayo makakalogin sa account nyo at sya na ang magoonline sa YM nyo at gagawin na nga nya ang MO na to.

FYI po. sana di kayo naguluhan sa explanation ko

here is a real working example, gumagana to mga bro HUWAG kayo maglalogin!!!

http://photos.gigacities.net/www.yahoo.com.html

take note of the link and wala yung security feature ng yahoo from phishing na authentication picture...

When you're hooked here, - even the regular changing of the password, together with the uppercase, lowercase, special character, number-scheme will not work....

Be very very careful and sure about the site you're in or accessing.....

5505:home:

[siacojin]

When you're hooked here, - even the regular changing of the password, together with the uppercase, lowercase, special character, number-scheme will not work....

Be very very careful and sure about the site you're in or accessing.....

5505:home:

yup! the identity thief doesn't have to guess or brute force hack your account to get your password with this technique. just make sure before logging into your account that the URL is legitimate

[wildthing]

i'm afraid to say that the TS was really "gullibly friendly" (pun intented).... obvious naman ang MO pagpera ang involve.

peace

[flex]

I also had this same experience...buti na lng medyo listo hehehe

kaya lesson #1 be very cautious when dealing sa net...coz you never see the person your talking to...

[shadow]

tingin most of the time ang mag nabibiktima nito is yun mga mahilig makipag chat sa mga hinde nila kilala, I mean people who they just meet in the net and mag chat na online...

and I think this is the reason why yahoo have the sign-in seal to prevent stuff like this...

yahoo sign in seal