Yahoo! Mail App Helps Fight Hackers

By Alicia Young February 16, 2017

Yesterday I learned that karma is, in fact, real. After reporting on Yahoo!’s recent shortcomings and its latest attempt to bring users back into the fold by rolling out new updates to its mail app, I received a security notice from the company not even five minutes later. The irony here is that I said earlier in the day that I had yet to install the Yahoo!! Mail app because I didn’t see its purpose. However, after receiving the notice and reading up on how the app can, in fact, help prevent against hackers, I immediately downloaded it. Let’s take a look at the company’s latest hacking news, and how the mail app can be used to stop fraudulent attempts on your account.

In the notice I received from Yahoo!, the company stated:

Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account. We have connected some of the cookie forging activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on September 22, 2016. Those users targeted by the state-sponsored actor were sent an additional notification like the one found here: https://help.Yahoo!.com/kb/SLN26995.html.

The fact that this could have happened in 2015 or 2016, and it is now February 2017 and I’m just now hearing about it, is kind of terrifying. The email goes on to say that Yahoo! has invalidated the forged cookies and “hardened” its systems to secure them against any more attacks of a similar nature. That’s all well and good, but this breach of my privacy still left me feeling a little uneasy. Yahoo! suggested in the email that I should review all my accounts for suspicious activity, be cautious of any unsolicited communications that ask for my personal information, and avoid clicking on links or downloading attachments from suspicious emails. These are all things I do anyway, but the last item on the list caught my eye—the Yahoo! Account Key.

Beforehand, I had simply been using multi-factor authentication and my password to login to my account. However, the Yahoo! Account Key gets rid of passwords altogether and instead uses the Yahoo! Mail app to allow users access to their accounts (this is the part where I begrudgingly downloaded the app, all the while thinking that I had jinxed myself with that earlier article).

The Yahoo! Account Key works by sending notifications to your Yahoo! Mail app when someone tries to login to your account. So, for example, if someone is trying to log into my account from a desktop by using Google Chrome, I will get a notification on my phone from the app, with those exact details, asking if the user is me. If it’s not, I can simply click “No” from within the app. If it is me logging in from another device, all I have to do is click “Yes,” and I gain instant access. Assuming that the hacker does not also have your mobile phone or some other device with email access on it, this is a great way to see when exactly someone is attempting to hack your account.

Although Yahoo! clearly has some security problems, it’s doing a pretty good job of improving its defenses. The only problem is that these defenses don’t seem to be advertised very well—I had never heard of the Yahoo! Account Key until yesterday. Hopefully these new security measures can help the company keep hackers out—especially because this latest news caused Verizon, which is set to buy Yahoo!, to lower its price by $250 million. This is a big blow to the company, and potentially makes Yahoo! the biggest victim of the hacks. Let’s hope these security breaches have no more casualties.   




Edited by Stefania Viscusi
SHARE THIS ARTICLE
Related Articles

Mist Applies AI to Improve Wi-Fi

By: Paula Bernier    11/9/2017

Mist has created an AI-driven wireless platform that puts the user and his or mobile device at the heart of the wireless network. Combining machine le…

Read More

International Tech Innovation Growing, Says Consumer Technology Association

By: Doug Mohney    11/8/2017

The Consumer Technology Association (CTA) is best known for the world's largest trade event, but the organization's reach is growing far beyond the CE…

Read More

Broadcom Makes Unsolicited $130B Bid for Qualcomm

By: Paula Bernier    11/6/2017

In what could result in the biggest tech deal in history, semiconductor company Broadcom has made an offer to buy Qualcomm for a whopping $130 billion…

Read More

How Google's 'Moonshot' Could Benefit Industrial Markets

By: Kayla Matthews    10/30/2017

The term "moonshot" encapsulates the spirit of technological achievement: an accomplishment so ambitious, so improbable, that it's equivalent to sendi…

Read More

After Cisco/Broadsoft, Who's Next for M&A?

By: Doug Mohney    10/27/2017

Cisco's trail of acquisition tears over the decades includes the Flip video camera, Cerent, Scientific Atlantic, Linksys, and a couple of others. The …

Read More