A week after my Yahoo! account got phished, I’ve finally regained control of it today. I’ve made several attempts in the past to request a new password from Yahoo by filling up relevant information for the account in the Yahoo! ID/Password Recovery form but was unsuccessful each time. Digging around Yahoo’s help forum, I found out the email address for their account security and sent a request to get a new password, reporting that a phisher is using my account to try and con people. Here’s the contents of the first email I sent.
My other account, StolenAccountNameHere@yahoo.com, has been phished about a week ago. As I could no longer remember some of my registration information, I could not get a new password to recover it. Is there an alternate way of recovering the account (perhaps by answering some security questions)?
If not, is it possible to disable the account? A friend recently contacted me and said that the phisher, posing as me, was asking her to purchase recharge cards and send codes to the account.
I’m concerned that the scammer could use my name and account for illegal activities.
I didn’t have to wait long before I received an automated email requesting some pertinent information about the account including the ID, name, birthday, alternate email address, secret question and answer, city/state, zip code entered during registration and country. The email also clearly specified that I should not alter the subject line in any way when replying.
Of all the information needed, the most difficult one to answer is the one about the security question and answer. I had to remember the exact security question on my own and then provide the correct answer. How the heck would I know what security question I chose all those years ago? Well, hubby suggested one security question that I could have used when creating the account. I wasn’t too sure about the security question he suggested but thought that it is likely that I could have chosen that so I decided to give it a go.
Next is the problem regarding zip code and country. I have moved around a lot since creating this particular account and it could have been any of the numerous zip codes and one of the three countries I’ve lived in during the more than 10 years I’ve had this account. However, I remember that I signed up for the account when Yahoo! wasn’t as big a company as it is now and could quite clearly recall that I had some issues with the registration form then. If I recall correctly, Yahoo! didn’t even have any other country to choose from other than US or Canada then. It’s highly likely that I might have used US as my country when I signed up. But which zip code did I use? I surmised that I might have used a zip code from an American TV show I used to watch regularly.
A day after receiving the email requesting me to confirm my account’s information, I filled up the form and answered it to the best of my ability. In questions where I was uncertain whether I’ve updated the information, I’ve put in two answers. For instance, I answered US or Philippines for the country.
I replied to the email and thought I would have to wait for a day or two for Yahoo to get to my request. Happily, I didn’t have to wait long until I got another email from Yahoo! This time, it was signed by a real name (as opposed to the earlier mail which was just had Yahoo! Account Security Customer Care). This email basically asked for the same question as the previous one – ID, name, security answer (note that it there’s no mention of the security question), birthdate on the account, zip code and country. In addition, I was asked to provide a copy of a state/government issued photo ID, an alternate email address to contact me and permission for them to enter my account.
I answered all the questions and faxed the entire exchange of emails plus a photocopy of my passport to a number they provided last night. When I checked my alternate email address this morning, several messages from Yahoo! were waiting. One of them had a title of “Your new requested Yahoo! password. Please reset your password now” which contained a temporary password to my compromised account. I quickly used that to login to my old account and gave a big sigh of relief when I was able to finally see my inbox.
After inspecting the contents of the account, it didn’t seem like the cracker had any interest in my incoming mail. All incoming mail since last week seemed to have been unread, no outgoing messages in the Sent folder (although the scammer could have deleted them to cover his tracks) and no important emails were forwarded. I was amused and a bit horrified to see though that everytime I reported the account as having been phished, Yahoo! has replied to the account!
I also logged in to the Yahoo! Messenger and looked at my friends list (which has more names than I remembered) to see who the impostor would have contacted. Fortunately, most of the IDs listed were really old and those friends either no longer use those accounts or I have lost touch with them a long time ago that they may suspect someone posing as me asking them for favors. At any rate, only one of the names regularly goes online and that friend has contacted me to verify that it wasn’t me she was conversing with last weekend.
One area the scammer definitely got into was the account settings. Here’s the screenshot of my settings (items have been pixelised to protect my email addresses). The cracker changed the account name to some rubbish text and changed the postcode for my work address. Whoever it was didn’t change the postcode to my Philippine address. Why he/she would want to change the account name is anyone’s guess. I suppose it’s just a marker for them to determine if they have already harvested the contacts list for an account should they encounter it again.
So yeah, I’m quite happy I got my mailbox back. I just wish I could help some friends to recover theirs too.