How your Yahoo! Mail account can be hacked with phishing – A real life example explained

Introduction

In this article, I am going to illustrate a real life scenario where an attempt to hack my email account was carried by fooling me into giving my user name / password through a fake website that looks like Yahoo! Mail.

Such attacks, where the victim is lured into entering information in what looks like an innocent website, are called “phishing attacks”. Wikipedia defines “phishing” as the following:

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication

In the subsequent sections I will show you how the attack is carried, how you can inspect such emails by yourself and then conclude by giving you some safety guidelines. Continue reading

Disposable emails with Gmail

What are disposable emails?

Disposable emails are emails that you can use temporarily with websites you don’t trust and that require registration and/or an email address. After you use the email address you can discard it by creating a filter that redirects the disposable email address to the trash bin directly.

How to use disposable emails in Gmail?

It is very simple. Unlike Yahoo Mail Plus! there is nothing to be created. Suppose your email address is, of course ;), John.Doe@gmail.com; to use a disposable email address for a website, say called www.myshopping.com, simply append a “+myshopping” after the email account name. The disposable email address will be: John.Doe+myshopping@gmail.com.

If you want to keep this email address just create a filter that moves the message to an appropriate Gmail folder. If you discover that this disposable address is amassing a lot of spam then create a filter that redirects all messages to that address directly into the trash bin.