I have received three emails today all claiming to be from Yahoo. The first and last had the subject “Your password has been successfully updated” and read like this:
Dear user john_94501,
You have successfully updated the password of your Yahoo account.
If you did not authorize this change or if you need assistance with your account, please contact Yahoo customer service at: webmaster@yahoo.com
Thank you for using Yahoo!
The Yahoo Support Team+++ Attachment: No Virus (Clean)
+++ Yahoo Antivirus – www.yahoo.com
The second one was a little different. It had the subject “Important Notification” and read like this:
Dear Yahoo Member,
Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.
If you choose to ignore our request, you leave us no choice but to cancel your membership.
Virtually yours,
The Yahoo Support Team+++ Attachment: No Virus found
+++ Yahoo Antivirus – www.yahoo.com
All three had a ZIP file attached. In the file was a file with a name that had either a .exe or .pif extension, but cunnningly separated from the name by a lot of spaces (and a fake .htm extension attached to the name to try to fool people). Regardless of the name, the contents are the same Windoze executable file (MD5 = bf389ebd4b5a057259395f6a633f110f).
So what you ask? Well, the first of these landed in my mailbox this morning. Tonight, over 12 hours since I first saw this, as you can see from the screen grab above, Yahoo’s anti-virus system is still not catching this threat.
I tried to report it this morning, but had every email message bounced as unacceptable. One because I forwarded the offending message to them so they could pass it on to the anti-virus people; the next attempt, without the attachment, I don’t understand why it bounced (no reason provided). This afternoon I tried the web form and got an auto-response (case KMM38976014V69174L0KM), but apparently they are still not blocking this attachment.
Well it’s August 6th and I just received two of those types of emails. So they still aren’t doing anything about it.
Receiving the email is one thing, but can you download the attachment? If you are using Windows, don’t try it, but if you have access to a non-Windows platform (Linux, BSD or Mac OS for example), then try to download it and see if they let you. Normally, Yahoo only blocks virus attachments when you attempt to download them.
Another good test is to try to forward the message to another (non-Yahoo) email account. They will also strip virus attachments in that case if their anti-virus system detects them.
I recd 2 such mails today of the second type with a readme.zip attachment. but attachment was not downloadable as yahoo caught the virus Virus “W32.Mytob.EE@mm” found.
Yahoo’s virus protection clearly not up to scratch: my wife has been receiving these messages now for almost a month. She’s using Yahoo via POP, and, Yahoo allows the attachment to download. What’s more, Yahoo allows the attachment to be re-sent. Be careful with this one.
i have a problem with my yahoo – it is automatically sending infected files and email to random people in my address book via my account – can anyone help with how to stop this? thanks
i am not able to open yahoomail in my computer. i am able to visit all other sites
i can open my mail @ yahoo only i cant send anything out from that address. yet i can open msn for hotmail nd use that without a problem. why is that? anyone know??