Yahoo! Mail App Helps Fight Hackers

By Alicia Young February 16, 2017

Yesterday I learned that karma is, in fact, real. After reporting on Yahoo!’s recent shortcomings and its latest attempt to bring users back into the fold by rolling out new updates to its mail app, I received a security notice from the company not even five minutes later. The irony here is that I said earlier in the day that I had yet to install the Yahoo!! Mail app because I didn’t see its purpose. However, after receiving the notice and reading up on how the app can, in fact, help prevent against hackers, I immediately downloaded it. Let’s take a look at the company’s latest hacking news, and how the mail app can be used to stop fraudulent attempts on your account.

In the notice I received from Yahoo!, the company stated:

Our outside forensic experts have been investigating the creation of forged cookies that could allow an intruder to access users’ accounts without a password. Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account. We have connected some of the cookie forging activity to the same state-sponsored actor believed to be responsible for the data theft we disclosed on September 22, 2016. Those users targeted by the state-sponsored actor were sent an additional notification like the one found here: https://help.Yahoo!.com/kb/SLN26995.html.

The fact that this could have happened in 2015 or 2016, and it is now February 2017 and I’m just now hearing about it, is kind of terrifying. The email goes on to say that Yahoo! has invalidated the forged cookies and “hardened” its systems to secure them against any more attacks of a similar nature. That’s all well and good, but this breach of my privacy still left me feeling a little uneasy. Yahoo! suggested in the email that I should review all my accounts for suspicious activity, be cautious of any unsolicited communications that ask for my personal information, and avoid clicking on links or downloading attachments from suspicious emails. These are all things I do anyway, but the last item on the list caught my eye—the Yahoo! Account Key.

Beforehand, I had simply been using multi-factor authentication and my password to login to my account. However, the Yahoo! Account Key gets rid of passwords altogether and instead uses the Yahoo! Mail app to allow users access to their accounts (this is the part where I begrudgingly downloaded the app, all the while thinking that I had jinxed myself with that earlier article).

The Yahoo! Account Key works by sending notifications to your Yahoo! Mail app when someone tries to login to your account. So, for example, if someone is trying to log into my account from a desktop by using Google Chrome, I will get a notification on my phone from the app, with those exact details, asking if the user is me. If it’s not, I can simply click “No” from within the app. If it is me logging in from another device, all I have to do is click “Yes,” and I gain instant access. Assuming that the hacker does not also have your mobile phone or some other device with email access on it, this is a great way to see when exactly someone is attempting to hack your account.

Although Yahoo! clearly has some security problems, it’s doing a pretty good job of improving its defenses. The only problem is that these defenses don’t seem to be advertised very well—I had never heard of the Yahoo! Account Key until yesterday. Hopefully these new security measures can help the company keep hackers out—especially because this latest news caused Verizon, which is set to buy Yahoo!, to lower its price by $250 million. This is a big blow to the company, and potentially makes Yahoo! the biggest victim of the hacks. Let’s hope these security breaches have no more casualties.   




Edited by Stefania Viscusi
SHARE THIS ARTICLE
Related Articles

Why Blockchain Could Be a Gamechanger

By: Paula Bernier    1/22/2018

Blockchain has become closely associated with the controversial topic of cryptocurrency. And that's fine because blockchain is an enabling technology …

Read More

Consumer Privacy in the Digital Era: Three Trends to Watch

By: Special Guest    1/18/2018

Digital advertising has exploded in recent years, with the latest eMarketer data forecasting $83 billion in revenue this year and continued growth on …

Read More

CES 2018: Terabit Fiber - Closer Than We Think

By: Doug Mohney    1/17/2018

One of the biggest challenges for 5G and last mile 10 Gig deployments is not raw data speeds, but middle mile and core networks. The wireless industry…

Read More

10 Benefits of Drone-Based Asset Inspections

By: Frank Segarra    1/15/2018

Although a new and emerging technology, (which is still evolving), in early 2018, most companies are not aware of the possible benefits they can achie…

Read More

VR Could Change Entertainment Forever

By: Special Guest    1/11/2018

VR could change everything from how we play video games to how we interact with our friends and family. VR has the power to change how we consume all …

Read More