Please immediately terminate your yahoo API coming from this domain http://rose1.cwsurf.de/login24.php as it is abusing your developer API to illegally SPAM email to contacts in personal address book. They have done this by imitating yahoo login page (which is as part of the email attachment) and prompting user to rekey in username password at imitated yahoo login page. Upon clicking on login button, it will post the username password to "http://rose1.cwsurf.de/login24.php" for further process using yahoo mail and social API.