Following up on my Jan 14th post of the Cyber Email Scam, I am reporting on Elisabeth’s belief as to HOW it happened as well as how she resolved the situation with Yahoo.
How did Elisabeth’s email get pirated?
Facebook is the root cause. She uncovered in her Yahoo mail Trash folder the following mail, dated Jan 13th (i.e. the night before the ‘attack’).
You recently requested a new password. Here is your reset code, which you can enter on the password reset page: XXXXXXX
You can also reset your password by following the link below: XXXXX (deleted)
Please note that this email has been sent to all contact emails associated with your account. If you did not reset your password, please disregard this message.
Check out http://www.facebook.com/help/?page=174 if you have any questions.
The Facebook Team”
Hey Facebook, how on earth did you let that happen? What breach of security does Facebook allow in order for someone else to be able to ask to change your password? Clearly, this means that we all need to be a lot more careful. Then, I do not understand how that helps the person to get into someone’s email account (I am not up to snuff on that type of hacking). I will see what I can do to uncover these mysteries and report back if/when I find anything.
Secondly, I want to recount Elisabeth’s jolly adventure with Yahoo after her account had been kidnapped. She recounts:
“I spent over an hour trying to find a person (chat/phone/etc) to contact on the Yahoo site for help. I couldn’t find anything and ended up filling out some standard Fraud forms that I found on the site (not too easily, by the way). The forms said I would receive a response after 24 hours! Also, the forms did not give me a space to list my phone number for someone to call me (since I didn’t have email!).
My husband and his co-worker also spent a great deal of time trying to get a person at Yahoo. He called Investor Relations and Corporate Office and got recordings both times. Finally, one of them found a phone number on the Internet (not on Yahoo’s site) and tried it 3 or 4 times pushing different selections each time until they got a real person. I will say that person helped us very quickly, but I still plan to switch away from Yahoo as this was so unhelpful. I really believe they should respond immediately to people who have had their emails compromised in fraudulent situations.”
Customer service at the Email providers such as Yahoo, Hotmail, etc. — free or not — will need to be more responsive to these types of situations which are bound to become more frequent. There needs to be a way to deal via telephone and some direct IMS type interface (which should be easily findable).
The net result in this case is one lost Facebook user, one lost Yahoo customer… Anyone else have their story to recount? Please do add in your side!