Why Yahoo is The Worst Email Service on the Planet
[Do you get our weekly free newsletter with the latest scams and tips to stay safe? Sign up now and be smarter and safer using the Internet! ]
We imagine that we’ll be hearing from Yahoo’s lawyers if we don’t state up front that we are expressing our collective opinion based on years of experience at observing email-centered scams and seeing thousands of hacked email accounts misused to send malicious links.
It is our opinion that Yahoo is the worst email service on the planet
for protecting both its users and itself against misuse.
There. We said it and we feel better. For reasons we can’t explain, legitimate Yahoo email account holders get their email accounts hacked and misused far more frequently than any other email service we have ever seen. (By the way, second place in the race for hacked email accounts goes to AOL users and the third place winner is Hotmail.)
We also see thousands of scams coming from Yahoo email addresses, again more than any other email service. And we don’t know whether or not all of these scam emails are actually coming from a Yahoo email server or they are simply spoofed to look like they come from Yahoo. But it doesn’t matter. Anytime we get an email from a Yahoo address we flinch. Our instinct is to jump for the delete key! But then we realize that it’s our job to investigate so we can keep you informed. So, carefully, we peek inside. Here’s an example of the scams we see from Yahoo email senders in just a few days on one honeypot email host:
We have blurred out legitimate Yahoo account holders that we have confirmed had their accounts hacked. We have also blurred out the recipients accounts and their names. One of the most troubling things about these emails is that they are sometimes addressed to the correct full name of the recipient… “How are you Bob Smith?” That would likely get me to open the email if I were Bob Smith. Would you?
Here is another group of Yahoo emails that caught our eye because they ALL came from a legitimate Yahoo account holder who informed us that her account had been hacked and misused:
Again, we have blurred out her account name as well as the recipients. Notice how many blurred subject lines specifically identify the recipient by name!
…Yo, Hi, How are you, How’s it going, Hello, Good afternoon, Sup, Salutations…
Salutations? Who talks like that?
Are you wondering what’s inside these nasty emails? We have found that the vast majority of scam or hacked emails from Yahoo contain the same type of thing over and over. …a single malicious link that can cause a computer infection if clicked. Here are 7 such emails. Do you see a pattern to these emails?
Our guess is that the scammers have a program that automates these emails. Not a lot of variation but nonetheless, they are effective. You would be surprised to know that lots of folks click the link when the email comes from someone they know. That’s one of the main reasons why the scammers hack your email in the first place!
Botton line: Our advice is…
1. Don’t use Yahoo for your email account. If you have a Yahoo email, start transitioning to another service and be sure to use a strong password that is 10 characters or more! (Time for a new password! Check out our article on how to create strong passwords.) If you are looking for a free email service (i.e. not Verizon or Comcast), we suggest a Google Gmail account. (Google didn’t pay us to say this but we wouldn’t turn down their check either.)
2. Whenever you receive ANY email from a Yahoo address, be very cautious and skeptical. Even if you know the sender of the email because chances are good that the sender’s account was hacked. Don’t click links in the email that seem peculiar, out-of-context, or suspicious without first contacting the sender (by phone? in person?) to verify that he or she sent the email!
Related Web Resources:
Yahoo Hacks Cause ISP to Drop Them by Liam Tung, ZD Net, May 31, 2013
Yahoo Mail Hacked Again – Serious Questions Raised About Its Ability to Protect Users by Mike Wheatley, SiliconAngle.com, April 30, 2013
Yahoo’s Email System Hacked by Criminal Spammers by Geoff White, Channel 4 News, March 21, 2013